SUSE CVE-2022-49819

In the Linux kernel, the following vulnerability has been resolved: octeonep: fix potential memory leak in octepdevicesetup When occur unsupporteddev and mbox init errors, it did not free oct-conf and iounmap oct-mmioi.hwaddr. That would trigger memory leak problem. Add kfree for oct-conf and...

RockyLinux 8 : linux-firmware (RLSA-2024:7481)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:7481 advisory. kernel: hw:amd:IOMMU improperly handles certain special address leading to a loss of guest integrity CVE-2023-20584 kernel: hw: amd:Incomplete system...

CVE-2022-49912 btrfs: fix ulist leaks in error paths of qgroup self tests

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ulist leaks in error paths of qgroup self tests In the testnosharedqgroup and testmultiplerefs qgroup self tests, if we fail to add the tree ref, remove the extent item or remove the extent ref, we are returning from t...

Amazon Linux 2 : PackageKit (ALAS-2025-2811)

The version of PackageKit installed on the remote host is prior to 1.1.5-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2811 advisory. A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be...

Security update for openssh

This update for openssh fixes the following issues: CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Other bugfixes: Fix ssh client segfault with GSSAPIKeyExchange=yes i...

SUSE-SU-2025:20160-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Other bugfixes: - Fix ssh client segfault with...

Ubuntu 24.04 LTS / 24.10 : Valkey vulnerabilities (USN-7359-1)

The remote Ubuntu 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7359-1 advisory. It was discovered that Valkey did not properly handle memory cleanup. An attacker could possibly use this issue to execute arbitrary code...

USN-7359-1 valkey vulnerabilities

It was discovered that Valkey did not properly handle memory cleanup. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-46981 It was discovered that Valkey did not properly handle resource access permissions. An authenticated attacker could possibly use this issue to...

USN-7359-1: Valkey vulnerabilities

It was discovered that Valkey did not properly handle memory cleanup. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-46981 It was discovered that Valkey did not properly handle resource access permissions. An authenticated attacker could possibly use this issue to...

AMD Radeon 安全漏洞

AMD Radeon is a device driver and utility software package for Advanced Micro Devices graphics cards and GPUs from UltraMicro Semiconductor AMD. A security vulnerability exists in AMD Radeon that stems from insufficient global memory cleanup, which could result in a loss of confidentiality...

DEBIAN-CVE-2021-47658

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a potential gpumetricstable memory leak Memory is allocated for gpumetricstable in renoirinitsmctables, but not freed in int smuv120finismctables. Free it!...

Azure Linux 3.0 Security Update: kernel (CVE-2024-47747)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47747 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free...

CVE-2024-56573

In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdlineptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed whe...

CVE-2024-56573

In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdlineptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed whe...

OESA-2024-2550 linux-firmware security update

This package contains firmware images required by some devices. Security Fixes: IOMMU improperly handles certain special address ranges with invalid device table entries DTEs, which may allow an attacker with privileges and a compromised Hypervisor to induce DTE faults to bypass RMP checks in...

CVE-2024-53118 vsock: Fix sk_error_queue memory leak

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix skerrorqueue memory leak Kernel queues MSGZEROCOPY completion notifications on the error queue. Where they remain, until explicitly recved. To prevent memory leaks, clean up the queue when the socket is destroyed...

DEBIAN-CVE-2024-50236

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Fix memory leak in management tx In the current logic, memory is allocated for storing the MSDU context during management packet TX but this memory is not being freed during management TX completion. Similar leaks a...

SUSE CVE-2024-50167

In the Linux kernel, the following vulnerability has been resolved: be2net: fix potential memory leak in bexmit The bexmit returns NETDEVTXOK without freeing skb in case of bexmitenqueue fails, add devkfreeskbany to fix it...

kernel: hw:amd: Incomplete system memory cleanup in SEV firmware corrupt guest private memory

A flaw was found in hw in the SNP-SEV firmware. This flaw could allow a privileged attacker to corrupt a guest's private memory, potentially resulting in the loss of data integrity of the guest...

kernel: hw:amd: Incomplete system memory cleanup in SEV firmware corrupt guest private memory

A flaw was found in hw in the SNP-SEV firmware. This flaw could allow a privileged attacker to corrupt a guest's private memory, potentially resulting in the loss of data integrity of the guest...