CVE-2023-53381 NFSD: fix leaked reference count of nfsd4_ssc_umount_item

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix leaked reference count of nfsd4sscumountitem The reference count of nfsd4sscumountitem is not decremented on error conditions. This prevents the laundromat from unmounting the vfsmount of the source file. This patch...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nfsd not properly handling a dlrecall queue failure, which could result in a reference count error...

CVE-2024-45564 Use After Free in HLOS

Memory corruption during concurrent access to server info object due to incorrect reference count update...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect reference count of a parent node, which could lead to a resource leak...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the pfcpnewlink function linking a device to the incorrect network namespace devnetdev instead of the correc...

CVE-2024-56749

In the Linux kernel, the following vulnerability has been resolved: dlm: fix dlmrecovermembers refcount on error If dlmrecovermembers fails we don't drop the references of the previous created rootlist that holds and keep all rsbs alive during the recovery. It might be not an unlikely event becau...

kernel: can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939netdevstart: fix UAF for rxkref of j1939priv It will trigger UAF for rxkref of j1939priv as following. cpu0 cpu1 j1939skbindsocket0, ndev0, ... j1939netdevstart j1939skbindsocket1, ndev0, ... j1939netdevstart...

kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c

A use-after-free flaw was found in u32change in net/sched/clsu32.c in the network subcomponent of the Linux kernel. This flaw allows a local attacker to crash the system, cause a privilege escalation, and leak kernel information...

SUSE CVE-2013-4483

The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service memory consumption or system crash via a crafted application...

SUSE CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...

CVE-2022-20088

In aee driver, there is a possible reference count mistake due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06209201...

UBUNTU-CVE-2019-20811

An issue was discovered in the Linux kernel before 5.0.6. In rxqueueaddkobject and netdevqueueaddkobject in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c...

CVE-2019-18198

In the Linux kernel before 5.3.4, a reference count usage error in the fib6rulesuppress function in the fib6 suppression feature of net/ipv6/fib6rules.c, when handling the FIBLOOKUPNOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753...

CVE-2019-18198

In the Linux kernel before 5.3.4, a reference count usage error in the fib6rulesuppress function in the fib6 suppression feature of net/ipv6/fib6rules.c, when handling the FIBLOOKUPNOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753...

Session fixation

In the Linux kernel before 5.3.4, a reference count usage error in the fib6rulesuppress function in the fib6 suppression feature of net/ipv6/fib6rules.c, when handling the FIBLOOKUPNOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753...

CVE-2019-18198

In the Linux kernel before 5.3.4, a reference count usage error in the fib6rulesuppress function in the fib6 suppression feature of net/ipv6/fib6rules.c, when handling the FIBLOOKUPNOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753...

PT-2019-4349 · Linux +2 · Linux +2

Name of the Vulnerable Software and Affected Versions: Linux versions prior to 5.3.4 Description: A local attacker can exploit a reference count usage error in the fib6 rule suppress function in the fib6 suppression feature of the net/ipv6/fib6 rules.c file, when handling the FIB LOOKUP NOREF fla...

UBUNTU-CVE-2014-0205

The futexwait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service use-after-free and system crash or possibly gain privileges via a crafted application th...