Lucene search
+L

247 matches found

OSV
OSV
added 2025/12/24 1:6 p.m.4 views

CVE-2023-54106 net/mlx5: fix potential memory leak in mlx5e_init_rep_rx

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5einitreprx The memory pointed to by the priv-rxres pointer is not freed in the error path of mlx5einitreprx, which can lead to a memory leak. Fix by freeing the memory in the error path,...

6.3AI score0.00173EPSS
Exploits0References6
CVE
CVE
added 2025/12/24 12:23 p.m.16 views

CVE-2023-54065

Summary: CVE-2023-54065 is a Linux kernel vulnerability in the Realtek DSA driver. The issue arises from a faulty probe path that sets priv->chip_data to (void *)priv + sizeof(*priv) and assumes sufficient trailing space. Only the realtek-smi path allocated this chip_data space; realtek-mdio d...

6.3AI score0.00166EPSS
Exploits0References3
NVD
NVD
added 2025/12/24 11:15 a.m.4 views

CVE-2023-54015

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5devcomregisterdevice In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and freeing it might lead to...

0.00173EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/24 11:15 a.m.3 views

CVE-2023-54015

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5devcomregisterdevice In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and freeing it might lead to...

5.9AI score0.00173EPSS
Exploits0References7
OSV
OSV
added 2025/12/24 11:15 a.m.9 views

UBUNTU-CVE-2023-54015

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5devcomregisterdevice In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and freeing it might lead to...

5.9AI score0.00173EPSS
Exploits0References8
CVE
CVE
added 2025/12/24 10:55 a.m.10 views

CVE-2023-54015

CVE-2023-54015: In the Linux kernel, the mlx5_devcom_register_device allocation flow could cause a use-after-free. If devcom allocation fails, the code frees priv, but priv might belong to another thread, risking use-after-free. The fix frees priv only when it was allocated by the running thread,...

6.2AI score0.00173EPSS
Exploits0References6
OSV
OSV
added 2025/12/24 10:55 a.m.10 views

CVE-2023-54015 net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5devcomregisterdevice In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and freeing it might lead to...

6.5AI score0.00173EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.16 views

PT-2025-52972

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the net/mlx5 component, specifically in the mlx5 devcom register device function. A use-after-free condition can occur if devcom allocation fails,...

7.8CVSS6.4AI score0.00462EPSS
Exploits2References898
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.7 views

PT-2025-53063

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s networking component related to Realtek DSA drivers. Specifically, the issue involves an out-of-bounds access within the probe function when setting t...

6.6AI score0.00166EPSS
Exploits0References5
OSV
OSV
added 2025/12/23 10:15 p.m.4 views

CVE-2025-14489

RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of RealDefense SUPERAntiSpyware. An attacker must first obtain the ability to execute low-privileged code on...

7.8CVSS6.2AI score0.00171EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.6 views

EUVD-2022-55746

In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count fo...

5.9AI score0.00242EPSS
Exploits0References10
NVD
NVD
added 2025/12/09 4:17 p.m.9 views

CVE-2022-50659

In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count fo...

0.00242EPSS
Exploits0References9
OSV
OSV
added 2025/12/09 4:17 p.m.4 views

UBUNTU-CVE-2022-50659

In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count fo...

5.7AI score0.00242EPSS
Exploits0References12
Cvelist
Cvelist
added 2025/12/09 1:29 a.m.26 views

CVE-2022-50659 hwrng: geode - Fix PCI device refcount leak

In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count fo...

0.00242EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/12/08 12:0 a.m.12 views

CVE-2022-50626

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvbusbadapterinit Syzbot reports a memory leak in "dvbusbadapterinit". The leak is due to not accounting for and freeing current iteration's adapter-priv in case of an error. Currently if an err...

5.9AI score0.00203EPSS
Exploits0References11
NVD
NVD
added 2025/12/04 4:16 p.m.5 views

CVE-2025-40262

In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey - fix memory corruption on unload This is supposed to be "priv" but we accidentally pass "&priv" which is an address in the stack and so it will lead to memory corruption when the imxsckeyaction function is called...

0.00171EPSS
Exploits0References8
CVE
CVE
added 2025/12/04 4:8 p.m.23 views

CVE-2025-40262

In CVE-2025-40262, the Linux kernel is affected by a memory corruption issue in the imx_sc_key flow. The root cause is passing an address (&priv) of a stack variable instead of the intended priv in imx_sc_key_action(), leading to memory corruption on unload. The description indicates the fix is t...

6.2AI score0.00171EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/04 4:8 p.m.28 views

CVE-2025-40262 Input: imx_sc_key - fix memory corruption on unload

In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey - fix memory corruption on unload This is supposed to be "priv" but we accidentally pass "&priv" which is an address in the stack and so it will lead to memory corruption when the imxsckeyaction function is called...

0.00171EPSS
Exploits0References7
EUVD
EUVD
added 2025/12/04 4:8 p.m.4 views

EUVD-2025-201195

In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey - fix memory corruption on unload This is supposed to be "priv" but we accidentally pass "&priv" which is an address in the stack and so it will lead to memory corruption when the imxsckeyaction function is called...

6.1AI score0.00171EPSS
Exploits0References5
NVD
NVD
added 2025/11/18 2:15 a.m.6 views

CVE-2025-8693

A post-authentication command injection vulnerability in the "priv" parameter of Zyxel DX3300-T0 firmware version 5.50ABVY.6.3C0 and earlier could allow an authenticated attacker to execute operating system OS commands on an affected device...

8.8CVSS0.01088EPSS
Exploits0References1
Rows per page
Query Builder