155 matches found
EUVD-2026-36630
Software installed and run as a non-privileged user may conduct GPU system calls to write to arbitrary freed physical pages. Physical memory allocated and freed, without the deferred free mechanism can lead to those resources being used for read/write by the GPU after the kernel module has freed...
SUSE CVE-2026-45947
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...
CVE-2026-45922
In CVE-2026-45922, the Linux kernel RDMA/mlx5 GET_DATA_DIRECT_SYSFS_PATH handler leaks memory: it allocates device-path memory with kobject_get_path() and, if the path length exceeds the output buffer, returns -ENOSPC without freeing, causing a memory leak. The fix adds a kfree() in the error pat...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: qlcnic: Prevent “dbc use-after-free” in qlcnicdcbenable. The “adapter-dcb” pointer would be silently freed within qlcnicdcbenable if qlcnicdcbattach returns an error—something that always occurs under OOM conditions. This could...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed a possible panic during hotplug remove. During hotplug remove, it is possible that the update counters’ operations might still be pending, and they may run after memory has been freed. Cancel the update counters...
ROS-20260414-73-0053
A vulnerability in the imx8mnclocksprobe function of the drivers/clk/imx/clk-imx8mn.c module of the Samsung Exynos clock controller driver of the Linux operating system kernel is related to improper memory freeing. Exploitation of the vulnerability could allow an attacker to cause a denial of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006698)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006698 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006638)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006638 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a confusion in the instructions of the Dawn component responsible for freeing memory. An attacker can...
ROS-20260330-73-0001
A vulnerability in the LSILogic module of the Oracle VM VirtualBox virtualization software tool is associated with insecure privilege management due to incorrect memory freeing. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...
CVE-2026-23352
In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...
ROS-20260324-73-0025
A vulnerability in the fbtft component of the Linux operating system kernel is related to improper memory freeing before deleting the last reference. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260323-73-0024
A vulnerability in the atm component of the Linux operating system kernel is related to improper memory freeing before deleting the last link. Exploitation of the vulnerability allows an attacker to cause a denial of service...
CVE-2025-71236
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature 154563.214890 nvme nvme2: NVME-FC1: controller connect complete 154564.169363 qla2xxx 0000:b0:00.1-3002:2: nvme: Sched: Set ZIO...
CVE-2025-71236
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature 154563.214890 nvme nvme2: NVME-FC1: controller connect complete 154564.169363 qla2xxx 0000:b0:00.1-3002:2: nvme: Sched: Set ZIO...
CVE-2025-71236 scsi: qla2xxx: Validate sp before freeing associated memory
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature 154563.214890 nvme nvme2: NVME-FC1: controller connect complete 154564.169363 qla2xxx 0000:b0:00.1-3002:2: nvme: Sched: Set ZIO...
CVE-2025-71236
CVE-2025-71236: Linux kernel fix for scsi: qla2xxx: Validate sp before freeing associated memory. Root cause was a NULL pointer dereference in the qla2xxx fabric scan/error handling path, leading to a kernel crash. The issue is addressed by checking that sp is non-NULL before freeing memory; mult...
CVE-2025-71236 scsi: qla2xxx: Validate sp before freeing associated memory
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature 154563.214890 nvme nvme2: NVME-FC1: controller connect complete 154564.169363 qla2xxx 0000:b0:00.1-3002:2: nvme: Sched: Set ZIO...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to validate pointers before releasing memory, potentially leading to null pointer...
CVE-2026-23133 wifi: ath10k: fix dma_free_coherent() pointer
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...