23 matches found
PT-2026-37463
In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fb acquire newinfo If fbcon open fails when called from con2fb acquire newinfo then info-fbcon par pointer remains NULL which is later dereferenced. Add check for return value of the function con2...
Linux Distros Unpatched Vulnerability : CVE-2026-31737
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ftgmac100: fix ring allocation unwind on open failure ftgmac100allocrings allocates rxskbs, txskbs, rxdes, txdes, and rxscratch in stages. On intermediate...
CVE-2026-31737
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100allocrings allocates rxskbs, txskbs, rxdes, txdes, and rxscratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources allocated...
EUVD-2026-26550
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100allocrings allocates rxskbs, txskbs, rxdes, txdes, and rxscratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources allocated...
CVE-2026-31737
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100allocrings allocates rxskbs, txskbs, rxdes, txdes, and rxscratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources allocated...
CVE-2026-31737
Technical details (affected product/component/versions/root cause/impact or fixes) for CVE-2026-31737 are not publicly available in the provided connected documents. Monitor for updates.
CVE-2026-31737 net: ftgmac100: fix ring allocation unwind on open failure
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100allocrings allocates rxskbs, txskbs, rxdes, txdes, and rxscratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources allocated...
CVE-2026-31737
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100allocrings allocates rxskbs, txskbs, rxdes, txdes, and rxscratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources allocated...
PT-2026-36372
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100 alloc rings allocates rx skbs, tx skbs, rxdes, txdes, and rx scratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources allocat...
Linux Distros Unpatched Vulnerability : CVE-2026-23282
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialise...
CVE-2023-54147
CVE-2023-54147 affects the Linux kernel component media: platform: mtk-mdp3. The root cause is a missing check of the return value from ida_alloc, which could lead to a NULL pointer dereference. The patch also ensures that the allocated ctx->id is freed if mdp_m2m_open fails later, preventing ...
CVE-2022-50729 ksmbd: Fix resource leak in ksmbd_session_rpc_open()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbdsessionrpcopen When ksmbdrpcopen fails then it must call ksmbdrpcidfree to undo the result of ksmbdipcidalloc...
CVE-2022-50729
CVE-2022-50729 concerns a Linux kernel issue in the ksmbd component where a resource leak occurs in ksmbd_session_rpc_open(). The underlying cause, as described in the available documents, is that when ksmbd_rpc_open() fails, ksmbd_rpc_id_free() must be called to undo the result of ksmbd_ipc_id_a...
PT-2025-53224
In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida alloc Add the check for the return value of the ida alloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdp m2m open fails later in...
CVE-2025-27063
Memory corruption during video playback when video session open fails with time out error...
CVE-2025-38570
CVE-2025-38570 is described in the initial document as a Linux kernel issue in the fbnic AF_XDP path, where a UaF occurs in xsk_bind() due to NAPI handling: NAPI is freed and the NAPI pointer is not cleared from the queue after a device open failure. The report indicates a local attack vector wit...
PT-2025-33769
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free UaF issue in the fbnic module within the AF XDP portion of the queues. The vulnerability occurs when a Network Address Port Identifier NAPI h...
OESA-2023-1076 lxc security update
Containers are insulated areas inside a system, which have their own namespace for filesystem, network, PID, IPC, CPU and memory allocation and which can be created using the Control Group and Namespace features included in the Linux kernel. Security Fixes: lxc-user-nic in lxc through 5.0.1 is...
July 11, 2017, update for Office 2013 (KB3172545)
July 11, 2017, update for Office 2013 KB3172545 This article describes update 3172545 for Microsoft Office 2013 that was released on July 11, 2017. This update also applies to Office Home and Student 2013 RT. This update has a prerequisite. Be aware that the update in the Microsoft Download Cente...
OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618)
The unpacker::redirectstdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite...