6 matches found
CVE-2022-50669
In CVE-2022-50669, the Linux kernel’s misc: ocxl subsystem contains a name-leak risk in ocxl_file_register_afu() when device_register() errors. The root cause is that the name allocated via dev_set_name() isn’t freed on error, delaying cleanup until kobject_cleanup() and info_release(). The fix a...
EUVD-2022-54774
Malicious code in bioql PyPI...
CVE-2022-49455
CVE-2022-49455 (Linux kernel) fixes a double-free bug in ocxl_file_register_afu: info_release() could be invoked during device_unregister() when info->dev’s refcount was 0, making an extra ocxl_afu_put()/kfree() unnecessary. The patch adds free_minor() and returns to the err_unregister path to...
CVE-2022-49455 misc: ocxl: fix possible double free in ocxl_file_register_afu
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxlfileregisterafu inforelease will be called in deviceunregister when info-dev's reference count is 0. So there is no need to call ocxlafuput and kfree again. Fix this by adding freeminor...
CVE-2022-49455
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxlfileregisterafu inforelease will be called in deviceunregister when info-dev's reference count is 0. So there is no need to call ocxlafuput and kfree again. Fix this by adding freeminor...
CVE-2022-49455 misc: ocxl: fix possible double free in ocxl_file_register_afu
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible double free in ocxlfileregisterafu inforelease will be called in deviceunregister when info-dev's reference count is 0. So there is no need to call ocxlafuput and kfree again. Fix this by adding freeminor...