19 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where an uninitialized pointer was freed during the readalloconename function. The readalloconename function does not initialize the name field of the passed fscryptstr structure if kmalloc fails to allocate...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: PNP: The memory leak caused by the name of devices being allocated dynamically has been fixed in pnpallocdev. After the commit 1fa5ae857bb1 “Driver core: get rid of struct device’s busid string array”, the name of devices is now...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Added a check for allocation failure for the Entity name. Currently, the findsdcaentityiot function can allocate a string for the Entity name, but it does not check whether the allocation was successful. A NULL check...
EUVD-2026-15236
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently findsdcaentityiot can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation...
CVE-2026-23301
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently findsdcaentityiot can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation...
CVE-2026-23301
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently findsdcaentityiot can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation...
CVE-2023-54207
In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...
EUVD-2025-12949
Malicious code in bioql PyPI...
CVE-2022-50431 ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
In the Linux kernel, the following vulnerability has been resolved: ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev devsetname in soundbusaddone allocates memory for name, it need be freed when ofdeviceregister fails, call soundbusdevput to give up the reference that hold in...
CVE-2022-50431
CVE-2022-50431 : Linux kernel patch fixes a memory-leak in ALSA aoa i2sbus handling. The issue stems from dev_set_name() allocating memory for the name in soundbus_add_one() and not freeing it if of_device_register() fails; the fix adds soundbus_dev_put() and frees resources in i2sbus_release_dev...
CVE-2023-53436 scsi: snic: Fix possible memory leak if device_add() fails
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to give up the reference in the error...
CVE-2023-53174
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to decrease the reference count in th...
UBUNTU-CVE-2023-53174
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name allocated by devsetname needs be freed. As the comment of deviceadd says, putdevice should be used to decrease the reference count in th...
Gitlab -- vulnerabilities
Gitlab reports: Cross-site scripting issue in blob viewer impacts GitLab CE/EE Cross-site scripting issue in labels impacts GitLab CE/EE Cross-site scripting issue in Workitem impacts GitLab CE/EE Improper Handling of Permissions issue in project API impacts GitLab CE/EE Incorrect Privilege...
SUSE CVE-2022-49821
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDNdspelementregister Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, use putdevice to give up the reference...
SUSE CVE-2022-49860
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail If deviceregister fails, it should call putdevice to give up reference, the name allocated in devsetname can be freed in callback function kobjectcleanup...
CVE-2022-49793 iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iiosysfstriginit devsetname allocates memory for name, it need be freed when deviceadd fails, call putdevice to give up the reference that hold in deviceinitialize, so that it can ...
PT-2025-18632 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A possible memory leak in the mISDN register device function has been fixed. The issue occurred after a commit where the device name is allocated dynamically. To resolve this, put devi...
kernel: firmware: arm_scpi: Fix string overflow in SCPI genpd driver
In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Fix string overflow in SCPI genpd driver Without the bound checks for scpipd-name, it could result in the buffer overflow when copying the SCPI device name from the corresponding device tree node as the name...