14 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: Timer: Fix for the idafree call being called when the ID is not allocated. In the sndutimercreate function, if the kasprintf function returns NULL, the sndutimerputid function will be called, ultimately using idafree to fre...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, when an error occurs, the putdevice&rproc-dev call is made, leading to the invocation of the rproctyperelease function. An error can occur before...
CVE-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from rxrpc initiating a call timer when a channel is not allocated, which could result in a null pointer...
Linux Distros Unpatched Vulnerability : CVE-2025-38514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then...
CVE-2025-38514
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix oops due to non-existence of prealloc backlog struct If an AFRXRPC service socket is opened and bound, but calls are preallocated, then rxrpcallocincomingcall will oops because the rxrpcbacklog struct doesn't get...
CVE-2025-38517
In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...
CVE-2025-38517
In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...
PT-2025-33557
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the rxrpc subsystem. Specifically, if an AF RXRPC service socket is opened and bound with preallocated calls, the rxrpc alloc incoming call...
PT-2025-33560
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc2 Description: The Linux kernel contained a flaw in the alloc tag top users function within the lib/alloc tag component. This function attempted to acquire a semaphore lock alloc tag cttype-mod lock eve...
UBUNTU-CVE-2024-58056
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, on error, putdevice&rproc-dev is called, leading to the call of the rproctyperelease function. An error can occurs before idaalloc is called. In...
Linux kernel 代码问题漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel that stems from the vsockbpfrecvmsg function not properly checking vsk-transport when the transport layer is not...
kernel: md/raid10: fix null-ptr-deref in raid10_sync_request
A null pointer dereference flaw was found in the Linux kernel's RAID10 implementation. When recovery is skipped on a clean array, initresync is called but closesync is not, leaving conf-havereplacement incorrectly set to 0. If a replacement device is later added and recovery is triggered, replbio...
CVE-2022-32735
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...