54813 matches found
UBUNTU-CVE-2023-54047
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: dwhdmi: cleanup drm encoder during unbind This fixes a use-after-free crash during rmmod. The DRM encoder is embedded inside the larger rockchiphdmi, which is allocated with the component. The component memory gets...
CVE-2023-54081 xen: speed up grant-table reclaim
In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...
CVE-2023-54081 xen: speed up grant-table reclaim
In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...
CVE-2023-54081
CVE-2023-54081 affects the Linux kernel Xen grant-table reclaim path. When a grant entry is still in use by the remote domain, the VM may accumulate a large deferred-list, causing a severe memory leak and potential VM freeze, notably in Qubes OS due to GUI/window handling constraints. The fix mak...
CVE-2022-50779
The CVE-2022-50779 issue affects the Linux kernel’s orangefs integration. The vulnerability is a memory leak in the orangefs_prepare_debugfs_help_string() path: when the orangefs module is inserted and removed, the debug_help_string is leaked from kmemleak. The root cause is failure to consistent...
CVE-2022-50779 orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object 0xffff8881652ba000 size 4096: comm "insmod", pid 1701, jiffies...
CVE-2022-50773 ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
In the Linux kernel, the following vulnerability has been resolved: ALSA: mts64: fix possible null-ptr-defer in sndmts64interrupt I got a null-ptr-defer error report when I do the following tests on the qemu platform: make defconfig and CONFIGPARPORT=m, CONFIGPARPORTPC=m, CONFIGSNDMTS64=m Then...
CVE-2022-50763 crypto: marvell/octeontx - prevent integer overflows
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...
CVE-2022-50749 acct: fix potential integer overflow in encode_comp_t()
In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...
CVE-2023-54073
The CVE-2023-54073 issue is a Linux kernel vulnerability fixed by adding the invariant !tpm_amd_is_rng_defective() at the hwrng_unregister() call site inside tpm_chip_unregister(). The description and connected sources show a crash scenario linked to hwrng_unregister() being called during tpm_chi...
CVE-2023-54073 tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpmamdisrngdefective to the hwrngunregister call site The following crash was reported: 1950.279393 listdel corruption, ffff99560d485790-next is NULL 1950.279400 ------------ cut here ------------ 1950.279401 kernel BUG...
CVE-2023-54073 tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpmamdisrngdefective to the hwrngunregister call site The following crash was reported: 1950.279393 listdel corruption, ffff99560d485790-next is NULL 1950.279400 ------------ cut here ------------ 1950.279401 kernel BUG...
CVE-2023-54070
CVE-2023-54070 relates to the igb driver in the Linux kernel. The issue occurs when SR-IOV is enabled and the igb module is removed; due to a cleanup path regression introduced after commit 50f303496d92, the cleanup in error paths after reinit can cause a hang/crash on systems with max_vfs set to...
CVE-2023-54055 RDMA/irdma: Fix memory leak of PBLE objects
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix memory leak of PBLE objects On rmmod of irdma, the PBLE object memory is not being freed. PBLE object memory are not statically pre-allocated at function initialization time unlike other HMC objects. PBLEs objects...
CVE-2023-54055 RDMA/irdma: Fix memory leak of PBLE objects
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix memory leak of PBLE objects On rmmod of irdma, the PBLE object memory is not being freed. PBLE object memory are not statically pre-allocated at function initialization time unlike other HMC objects. PBLEs objects...
CVE-2023-54055
CVE-2023-54055 (Linux kernel RDMA/irdma PBLE memory leak) : The vulnerability concerns PBLE object memory not being freed on module removal. PBLEs and their Segment Descriptors can be allocated during scale-up and remain until function deinitialization. Root cause: PBLE objects are not freed due ...
CVE-2022-50727 scsi: efct: Fix possible memleak in efct_device_init()
In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...
CVE-2022-50713
CVE-2022-50713 affects the Linux kernel in the visconti clock driver. The vulnerability stems from a memory leak in visconti_register_pll(): @pll->rate_table is allocated via kmemdup(), and if clk_hw_register() fails, the allocated memory is not freed. The documented patch fixes this leak by e...
CVE-2022-50713 clk: visconti: Fix memory leak in visconti_register_pll()
In the Linux kernel, the following vulnerability has been resolved: clk: visconti: Fix memory leak in viscontiregisterpll @pll-ratetable has allocated memory by kmemdup, if clkhwregister fails, it should be freed, otherwise it will cause memory leak issue, this patch fixes it...
CVE-2025-68740 ima: Handle error code returned by ima_filter_rule_match()
In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by imafilterrulematch In imamatchrules, if imafilterrulematch returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if !rc' check and sets 'result = true'. The LSM rule is...