159 matches found
DEBIAN-CVE-2025-21873
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: bsg: Fix crash when arpmb command fails If the device doesn't support arpmb we'll crash due to copying user data in bsgtransportsgiofn. In the case where ufsbsgexecadvancedrpmbreq returns an error, do not set the...
UBUNTU-CVE-2025-21882
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix vport QoS cleanup on error When enabling vport QoS fails, the scheduling node was never freed, causing a leak. Add the missing free and reset the vport scheduling node pointer to NULL...
CVE-2025-21882 net/mlx5: Fix vport QoS cleanup on error
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix vport QoS cleanup on error When enabling vport QoS fails, the scheduling node was never freed, causing a leak. Add the missing free and reset the vport scheduling node pointer to NULL...
SUSE CVE-2022-49628
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix leaks in probe These two error paths should clean up before returning...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: IB/core: Fixed the issue with the cleanup of the ibcachesetupone function. When ibcacheupdate returns an error, the ibcachesetupone function is exited immediately without proper cleanup. This occurs even though we have already...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Zero the value of ARGPTRTOLONG,INT in cases of errors. For all non-tracing helpers that previously had ARGPTRTOLONG,INT as input arguments, the value is set to zero in cases of errors. This prevents a potential memory leak...
SUSE CVE-2024-56630
In the Linux kernel, the following vulnerability has been resolved: ocfs2: free inode when ocfs2getinitinode fails syzbot is reporting busy inodes after unmount, for commit 9c89fe0af826 "ocfs2: Handle error from dquotinitialize" forgot to call iput when newinode succeeded and dquotinitialize fail...
PT-2026-8177
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's smb/server component within the create smb2 pipe function. Specifically, if the ksmbd iov pin rsp function fails, the ksmbd session rpc close function...
PT-2025-52657
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the tracing subsystem related to Virtual Memory Area VMA handling. Specifically, when a VMA is split, the ring buffer unmap function can be call...
AZL-54857 CVE-2024-56752 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/gr/gf100: Fix missing unlock in gf100grchannew When the call to gf100grctxgenerate fails, unlock gr-fecs.mutex before returning the error. Fixes smatch warning: drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c:480...
The vulnerability in the `TracePluginImpl::writePacket` method of the `TracePluginImpl.cpp` module of the “Red Database” database management system allows a hacker to perform operations without being recorded in the audit log.
The vulnerability of the TracePluginImpl::writePacket method in the TracePluginImpl.cpp module of the “Red Database” database management system is related to the use of binary auditing when the cancelonerror parameter is enabled. Exploiting this vulnerability allows a remote attacker to even canc...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of an uffd call on error...
DEBIAN-CVE-2024-50062
In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment For RTRS path establishment, RTRS client initiates and completes connum of connections. After establishing all its connections, the information is exchanged betwee...
AZL-50703 CVE-2024-47728 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...
ata: libata-core: Fix double free on error
...
PT-2024-41479 · Ооо 'Ред Софт' · Ред База Данных
Уязвимость метода TracePluginImpl::writePacket модуля TracePluginImpl.cpp системы управления базами данных «Ред База Данных» связана с использованием бинарного аудита при включенном параметре cancel on error . Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, даже при...
kernel: irqchip/gic-v3-its: Prevent double free on error
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The Linux kernel CVE team has assigned CVE-2024-35847 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35847-7e4b@gregkh/T...
UBUNTU-CVE-2022-48794
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: at86rf230: Stop leaking skb's Upon error the ieee802154xmitcomplete helper is not called. Only ieee802154wakequeue is called manually. In the Tx case we then leak the skb structure. Free the skb structure upon...
UBUNTU-CVE-2024-40999
In the Linux kernel, the following vulnerability has been resolved: net: ena: Add validation for completion descriptors consistency Validate that first flag is set only for the first descriptor in multi-buffer packets. In case of an invalid descriptor, a reset will occur. A new reset reason for R...
SUSE CVE-2022-48722
In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: ca8210: Stop leaking skb's Upon error the ieee802154xmitcomplete helper is not called. Only ieee802154wakequeue is called manually. We then leak the skb structure. Free the skb structure upon error before returni...