2 matches found
CVE-2022-50396 net: sched: fix memory leak in tcindex_set_parms
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindexsetparms Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810c287f00 size 256: comm "syz-executor105", pid 3600,...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure by Bypassing Strong Parameters. Specifically the return value of each, or eachvalue, or eachpair will return the underlying "untrusted" hash of data that was read from the parameters. Remediation Upgrade actionpack ...