SUSE CVE-2025-71236

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature 154563.214890 nvme nvme2: NVME-FC1: controller connect complete 154564.169363 qla2xxx 0000:b0:00.1-3002:2: nvme: Sched: Set ZIO...

LIVE555 Streaming Media Post-Release Reuse Vulnerability

LIVE555 Streaming Media is a cross-platform C++ open source library , focusing on providing solutions for streaming media applications , supporting a variety of standard protocols such as RTP/RTCP, RTSP and SIP. LIVE555 Streaming Media suffers from a post-release reuse vulnerability that stems fr...

LIVE555 Streaming Media 安全漏洞

LIVE555 Streaming Media is a cross-platform C++ open source library , focusing on providing solutions for streaming media applications , supporting a variety of standard protocols such as RTP/RTCP, RTSP and SIP. LIVE555 Streaming Media suffers from a post-release reuse vulnerability that stems fr...

Linux Distros Unpatched Vulnerability : CVE-2022-50569

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: Update ipcompscratches with NULL when freed Currently if ipcompallocscratches fails to allocate memory ipcompscratches holds obsolete address. So when we...

CVE-2022-50433 efi: ssdt: Don't free memory if ACPI table was loaded successfully

In the Linux kernel, the following vulnerability has been resolved: efi: ssdt: Don't free memory if ACPI table was loaded successfully Amadeusz reports KASAN use-after-free errors introduced by commit 3881ee0b1edc "efi: avoid efivars layer when loading SSDTs from variables". The problem appears t...

Linux Distros Unpatched Vulnerability : CVE-2021-41688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DCMTK through 3.6.6 does not handle memory free properly. The object in the program is free but its address is still used in other locations. Sending specific...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a mix-up in rfctsframes.cc in the rfcsendbufuih directive responsible for freeing memory, which can be exploited by an attacker to elevat...

DEBIAN-CVE-2025-5899

A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parsevariablesoption of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: algifhash - Remove bogus SGL free on zero-length error path When a zero-length message is hashed by algifhash, and an error is triggered, it tries to free an SG list that was never allocated in the first place. Fix this b...

CVE-2024-56562 i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()

In the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free initdynaddr at i3cmasterputi3caddrs if dev-boardinfo && dev-boardinfo-initdynaddr ^^^ here check "initdynaddr" i3cbussetaddrslotstatus&master-bus, dev-info.dynaddr, ... ^^^^ free "dynaddr" Fix copy/past...

SUSE CVE-2024-36910

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need...

GNU gdb Reuse After Release Vulnerability

GNU gdb is a program debugging tool developed by the GNU open source organization that supports C, C++, Go, Fortran and many other programming languages. GNU gdb suffers from a post-release reuse vulnerability that originates from a confusion in the instruction responsible for freeing memory in t...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a mix-up in the program's instructions responsible for freeing memory, and can be exploited by an attacker...

DEBIAN-CVE-2023-25565

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the cb and sh buffers contain a copy of the data that...

UBUNTU-CVE-2023-25565

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the cb and sh buffers contain a copy of the data that...

CVE-2022-34480

Within the lginit function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox 102...

PT-2024-11180 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's nvmet module, where it attempts to free memory from the wrong pool, causing a crash. Specifically, when a p2p device is found but the p2p poo...

ALPINE-CVE-2018-19876

cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free: invalid pointer" error...