103 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-43226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state rdsconnpath::cpstate and transitions from one state to another and are conditional upon a...
CVE-2026-31691
In the Linux kernel, the following vulnerability has been resolved: igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igbcleanrxirqzc repeatedly returns the full budget,...
CVE-2026-31512 Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2capecreddatarcv l2capecreddatarcv reads the SDU length field from skb-data using getunalignedle16 without first verifying that skb contains at least...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011133)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011133 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix inode leak in ext4xattrinodecreate on an error path There is issue as follows when do...
EUVD-2026-15311
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferences 't' after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory...
OpenClaw Slack: dmPolicy=open allowed any DM sender to run privileged slash commands
Summary When Slack DMs are configured with dmPolicy=open, the Slack slash-command handler incorrectly treated any DM sender as command-authorized. This allowed any Slack user who could DM the bot to execute privileged slash commands via DM, bypassing intended allowlist/access-group restrictions...
UBUNTU-CVE-2025-68770
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix XDPTX path For XDPTX action in bnxtrxxdp, clearing of the event flags is not correct. bnxtpollwork - bnxtrxpkt - bnxtrxxdp may be looping within NAPI and some event flags may be set in earlier iterations. In particula...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the issue of generating skb from non-linear xdpbuff during striding RQ operations. XDP programs can modify the layout of an xdpbuff using bpfxdpadjusttail and bpfxdpadjusthead. Therefore, the driver cannot assume...
UBUNTU-CVE-2022-50837
In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag8021q: avoid leaking ctx on dsatag8021qregister error path If dsatag8021qsetup fails, for example due to the inability of the device to install a VLAN, the tag8021q context of the switch will leak. Make sure it is...
CVE-2022-50874 RDMA/erdma: Fix refcount leak in erdma_mmap
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...
CVE-2022-50874 RDMA/erdma: Fix refcount leak in erdma_mmap
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...
PT-2025-54110
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdma mmap rdma user mmap entry get take reference, we should release it when not need anymore, add the missing rdma user mmap entry put in the error path to fix it...
CVE-2022-50754
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix a memleak in multitransactionnew In multitransactionnew, the variable t is not freed or passed out on the failure of copyfromusert-data, buf, size, which could lead to a memleak. Fix this bug by adding a...
UBUNTU-CVE-2022-50732
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211rx We cannot dereference the "skb" pointer after calling ieee80211monitorrx, because it is a use after free...
CVE-2023-54047 drm/rockchip: dw_hdmi: cleanup drm encoder during unbind
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: dwhdmi: cleanup drm encoder during unbind This fixes a use-after-free crash during rmmod. The DRM encoder is embedded inside the larger rockchiphdmi, which is allocated with the component. The component memory gets...
CVE-2023-54009
No concrete technical details for CVE-2023-54009 are provided in the Connected documents. The Linux kernel runtime PM leak fix description appears only in the Initial document; no vendor/product/version specifics or remediation details are reproduced here.
PT-2025-49745
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...
CVE-2023-53744 soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xxpmprobe wkupm3ipcget takes refcount, which should be freed by wkupm3ipcput. Add missing refcount release in the error paths...
CVE-2022-50620
CVE-2022-50620: Linux kernel/f2fs issue fixed. Root cause: in the error path of f2fs_start_discard_thread(), dcc->f2fs_issue_discard was not invalidated, allowing kthread_stop() to dereference an invalid pointer in the shutdown path (e.g., f2fs_stop_discard_thread, kill_f2fs_super, and related...
CVE-2025-40247
CVE-2025-40247 affects the Linux kernel drm/msm path. The issue arises in msm_vma_job_free via an ioctl path cleanup when prealloc_cleanup() runs without a preceding successful prealloc_allocate(), leading to a NULL-pointer/translation fault in the pgtable preallocation flow. Public details descr...