20 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fixed the null-ptr-deref issue in hugetlbfsParseParam Syzkaller reported a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak in the smb3fscontextParseParam error path has been fixed. Proper cleanup of ctx-source and fc-source was added to the cifsParseMountErr error handler. This ensures that the memory allocated for the source...
cifs: fix memory leak in smb3_fs_context_parse_param error path
...
AZL-72463 CVE-2025-68219 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix memory leak in smb3fscontextparseparam error path Add proper cleanup of ctx-source and fc-source to the cifsparsemounterr error handler. This ensures that memory allocated for the source strings is correctly freed on al...
CVE-2025-68219 cifs: fix memory leak in smb3_fs_context_parse_param error path
In the Linux kernel, the following vulnerability has been resolved: cifs: fix memory leak in smb3fscontextparseparam error path Add proper cleanup of ctx-source and fc-source to the cifsparsemounterr error handler. This ensures that memory allocated for the source strings is correctly freed on al...
CVE-2025-40268
In the Linux kernel, the following vulnerability has been resolved: cifs: client: fix memory leak in smb3fscontextparseparam The user calls fsconfig twice, but when the program exits, free only frees ctx-source for the second fsconfig, not the first. Regarding fc-source, there is no code in the f...
CVE-2025-40268 cifs: client: fix memory leak in smb3_fs_context_parse_param
In the Linux kernel, the following vulnerability has been resolved: cifs: client: fix memory leak in smb3fscontextparseparam The user calls fsconfig twice, but when the program exits, free only frees ctx-source for the second fsconfig, not the first. Regarding fc-source, there is no code in the f...
CVE-2025-40268 cifs: client: fix memory leak in smb3_fs_context_parse_param
In the Linux kernel, the following vulnerability has been resolved: cifs: client: fix memory leak in smb3fscontextparseparam The user calls fsconfig twice, but when the program exits, free only frees ctx-source for the second fsconfig, not the first. Regarding fc-source, there is no code in the f...
CVE-2025-40268
The CVE-2025-40268 issue affects the Linux kernel CIFS client, specifically smb3_fs_context_parse_param. The vulnerability arises when an application calls fsconfig twice; on exit, free() only releases the first fsconfig’s ctx->source, not the first context’s, and there is no reclamation for f...
CVE-2025-40268
In the Linux kernel, the following vulnerability has been resolved: cifs: client: fix memory leak in smb3fscontextparseparam The user calls fsconfig twice, but when the program exits, free only frees ctx-source for the second fsconfig, not the first. Regarding fc-source, there is no code in the f...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988730)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988730 advisory. In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacyparseparam The usual LSM hook bail on fail scheme doesn't...
EUVD-2022-55521
Malicious code in bioql PyPI...
CVE-2022-50334 hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...
PT-2025-37636
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a null pointer dereference issue in the hugetlbfs parse param function. This occurs when parsing mount parameters, specifically when an illegal parameter like...
Linux Distros Unpatched Vulnerability : CVE-2022-0185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow flaw was found in the way the legacyparseparam function in the Filesystem Context functionality of the Linux kernel verified the...
DEBIAN-CVE-2024-50165
In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param-string when parsing mount options In bpfparseparam, keep the value of param-string intact so it can be freed later. Otherwise, the kmalloc area pointed to by param-string will be leaked as shown below:...
kernel: use-after-free vulnerability in the smb client component
A flaw was found in the SMB client component in the Linux kernel. In case of an error in smb3fscontextparseparam, ctx-password was freed, but the field was not set to NULL, potentially leading to a use-after-free vulnerability. This flaw allows a local user to crash or potentially escalate their...
kernel: LSM: general protection fault in legacy_parse_param
In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacyparseparam The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular...
CVE-2022-31200
Atmail 5.62 allows XSS via the mail/parse.php?file=html/$this-%3ELanguage/help/filexp.html&FirstLoad=1&HelpFile=file.html Search Terms field...
PT-2023-33599 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a null pointer dereference in the hugetlbfs parse param function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kerne...