244 matches found
CVE-2021-26530
The mgtlsinit function in Cesanta Mongoose HTTPS server 7.0 compiled with OpenSSL support is vulnerable to remote OOB write attack via connection request after exhausting memory pool...
CVE-2021-26528
The mghttpservefile function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after exhausting memory pool...
UBUNTU-CVE-2025-37920
In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race condition in AFXDP generic RX path Move rxlock from xsksocket to xskbuffpool. Fix synchronization for shared umem mode in generic RX path where multiple sockets share single xskbuffpool. RX queue is exclusive to...
CVE-2025-37876 netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS
In the Linux kernel, the following vulnerability has been resolved: netfs: Only create /proc/fs/netfs with CONFIGPROCFS When testing a special config: CONFIGNETFSSUPPORTS=y CONFIGPROCFS=n The system crashes with something like: 3.766197 ------------ cut here ------------ 3.766484 kernel BUG at...
SUSE CVE-2025-21998
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...
CVE-2025-21998 firmware: qcom: uefisecapp: fix efivars registration race
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...
CVE-2025-21998 firmware: qcom: uefisecapp: fix efivars registration race
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: fix efivars registration race Since the conversion to using the TZ allocator, the efivars service is registered before the memory pool has been allocated, something which can lead to a NULL-pointer...
CVE-2025-21998
CVE-2025-21998 : In the Linux kernel, the efivars service could race with memory pool allocation after the TZ allocator change, risking a NULL pointer dereference on racing EFI variable access. The fix ensures all resources are initialized before registering efivars (firmware: qcom: uefisecapp). ...
SUSE CVE-2022-49534
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGIRJT There is a potential memory leak in lpfcignoreelscmpl and lpfcelsrspreject that was allocated from NPIV PLOGIRJT lpfcrcvplogi's loginmbox. Check if...
UBUNTU-CVE-2022-49097
In the Linux kernel, the following vulnerability has been resolved: NFS: Avoid writeback threads getting stuck in mempoolalloc In a low memory situation, allow the NFS writeback code to fail without getting stuck in infinite loops in mempoolalloc...
CVE-2022-49534 scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGIRJT There is a potential memory leak in lpfcignoreelscmpl and lpfcelsrspreject that was allocated from NPIV PLOGIRJT lpfcrcvplogi's loginmbox. Check if...
kernel: xsk: fix usage of multi-buffer BPF helpers for ZC XDP
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpfxdpadjusttail and memory type is set to MEMTYPEXSKBUFFPOOL, null ptr dereference happens: 1136314.192256 BUG: kernel NULL pointer...
UBUNTU-CVE-2024-50119
In the Linux kernel, the following vulnerability has been resolved: cifs: fix warning when destroy 'cifsiorequestpool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 freelargekmalloc+0xac/0xe0 RIP: 0010:freelargekmalloc+0xac/0xe0 Call Trace: ? warn+0xea/0x330...
CVE-2024-50119 cifs: fix warning when destroy 'cifs_io_request_pool'
In the Linux kernel, the following vulnerability has been resolved: cifs: fix warning when destroy 'cifsiorequestpool' There's a issue as follows: WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 freelargekmalloc+0xac/0xe0 RIP: 0010:freelargekmalloc+0xac/0xe0 Call Trace: ? warn+0xea/0x330...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure of the cifs module to properly handle memory pools when destroying cifsiorequestpool, which coul...
Malicious code in Bloсkсore.Features.MemoryPool (NuGet)
--- -= Per source details. Do not edit below this line.=-...
SUSE CVE-2021-47435
In the Linux kernel, the following vulnerability has been resolved: dm: fix mempool NULL pointer race when completing IO dmiodecpending calls endioacct first and will then dec md in-flight pending count. But if a task is swapping DM table at same time this can result in a crash due to...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory pool null pointer contention during IO completion...
SUSE CVE-2024-26611
In the Linux kernel, the following vulnerability has been resolved: xsk: fix usage of multi-buffer BPF helpers for ZC XDP Currently when packet is shrunk via bpfxdpadjusttail and memory type is set to MEMTYPEXSKBUFFPOOL, null ptr dereference happens: 1136314.192256 BUG: kernel NULL pointer...
Siemens SIMATIC CP Use After Free (CVE-2020-9273)
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in allocpool in pool.c, and possible remote code execution. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...