215 matches found
CVE-2026-58051
A flaw in libssh2 allows a malicious SSH server to send a malformed public key response, triggering an invalid memory cleanup. This can cause the connecting client application to crash or leak information. Mitigation To mitigate this issue, ensure your applications connect only to trusted and...
CVE-2026-58051
CVE-2026-58051 affects libssh2 up to version 1.11.1. The vulnerability arises because libssh2 grows its publickey list using SSH2_REALLOC but does not zero-initialize the newly allocated entries before parsing populates them. If parsing fails and the code path cleans up, libssh2_publickey_list_fr...
CVE-2026-7531
Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...
CVE-2026-52959
In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...
UBUNTU-CVE-2026-8925
The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the same pointer twice...
CVE-2026-54278
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. An attacker may be able to send a compressed payload in specific situations that could be...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: A double-free operation occurred in the error handling of gpauxbusprobe. When auxiliarydeviceadd returns an error, it then calls auxiliarialdeviceuninit. The callback function gpauxiliarydevicerelease...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo The MBXTIMEOUT return code is not properly handled in lpfcgetsfpinfo, and the routine unconditionally frees the submitted mailbox commands, regardless of the return status. Th...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: dma-buf/syncfile: Do not leak fences during merge failures. Each call to addfence performs a dmafenceget operation on the relevant fence. In error-prone scenarios, we did not call dmafenceput, resulting in all those fences bei...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: sma1307 – fixed the double-free of devmkzalloc memory. A previous change added NULL checks and cleanup procedures for allocation failures in sma1307settingloaded. However, the cleanup for modeset entries is incorrect. These...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fixed a memory leak in seg6hmacinitalgo. seg6hmacinitalgo returns without cleaning up previously allocated memory. If this happens, all that memory will be leaked, potentially causing issues with crypto-related function...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Misc: ocxl: fixed a possible double-free in ocxlfileregisterafu. The inforelease function will be called in deviceunregister when the reference count of info-dev is 0. Therefore, there is no need to call ocxlafuput and kfree agai...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Staging: vt6655 – Fixed some erroneous memory cleanup loops. In some initialization functions of this driver, memory is allocated using ‘i’ as an index variable, with the value increasing from 0. The “Fixes” section includes...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: Ensure that the allocated iovec is cleared in case of an early failure. A previous commit reused the recycling infrastructure for early cleanup, but this is not sufficient in cases where our internal caches overflow. ...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: batman-adv: fix error handling Syzbot reported an ODEBUG warning in batadvncmeshfree. The problem lay in incorrect error handling in batadvmeshinit. Before this patch, batadvmeshinit would call batadvmeshfree in case any...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fixed the potential NULL pointer dereferencing issue. If sdprobe encounters an error before sdkp-device is initialized, sdzbcreleasedisk is called. This leads to a NULL pointer dereferencing issue when sdiszoned is call...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: PCI: dwc – Deallocation of EPC memory during dwpcieepinit failures If dwpcieepinit fails to perform any actions after the EPC memory is initialized and the MSI memory region is allocated, the latter parts will not be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: vdpasim: A memory leak was fixed when freeing IOTLBs. After the commit bda324fd037a “vdpasim: control virtqueue support”, vdpasim-iommu became an array of IOTLBs. Therefore, we should clean the mappings of each freed IOTLB one...
Astra Linux – Vulnerability in amd64-microcode
Incomplete system memory cleanup in the SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity...
CVE-2026-46235
In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...