26 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe, include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0,...
Astra Linux - уязвимость в firefox, thunderbird
If an AlignedBuffer is assigned to itself, the subsequent self-move operation may lead to an incorrect reference count, potentially causing a use-after-free issue. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002215)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002215 advisory. The mountpointlast function in fs/namei.c in the Linux kernel before 3.15.8 does not properly maintain a certain reference count during attempts to use the umount...
kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...
CVE-2022-38999
The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability...
EUVD-2019-10970
Malware in sbrugna...
EUVD-2017-9333
Malware in sbrugna...
EUVD-2022-33914
Malicious code in bioql PyPI...
EUVD-2023-33547
Malicious code in bioql PyPI...
CVE-2019-10585
Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053...
CVE-2025-37779
CVE-2025-37779 pertains to the Linux kernel. A folio refcount bug in lib/iov_iter caused a UAF when an EROFS file-backed mount over 9P (v9fs) on QEMU was exercised, due to pages in bvec being coalesced across a folio boundary. The root cause was inadequate refcount handling for non-slab folios, p...
CVE-2025-22025
CVE-2025-22025 concerns the Linux kernel NFS server (nfsd) where, before queuing dl_recall in nfsd4_run_cb, the code increments a reference count on dl_stid. If queuing fails, the callback path does not run, and the corresponding dl_stid reference is not decremented, leading to a leak of nfs4_sti...
Linux Distros Unpatched Vulnerability : CVE-2024-50021
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper handling of refcount in icedpllinitrclkpins This patch addresses a referen...
CVE-2024-46973 Exploitable kernel use-after-free on psServerMMUContext due to reference count mismanagement
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions...
CVE-2024-56558 nfsd: make sure exp active before svc_export_show
In the Linux kernel, the following vulnerability has been resolved: nfsd: make sure exp active before svcexportshow The function eshow was called with protection from RCU. This only ensures that exp will not be freed. Therefore, the reference count for exp can drop to zero, which will trigger a...
Unspecified vulnerability in Linux kernel (CNVD-2024-35564)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the gianfar module in gfargettsinfo due to an increase in the reference count of node pointers returned b...
ALSA-2024:4583 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: TIPC message reassembly use-after-free remote code execution vulnerability CVE-2024-36886 kernel: ethernet: hisilicon: hns: hnsdsafmisc: fix a possible array overflow in hnsdsafgesrstbypo...
CVE-2023-52566 nilfs2: fix potential use after free in nilfs_gccache_submit_read_data()
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfsgccachesubmitreaddata In nilfsgccachesubmitreaddata, brelsebh is called to drop the reference count of bh when the call to nilfsdattranslate fails. If the reference count hits 0 and it...
RLSA-2024:0134 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: use after free in unixstreamsendpage CVE-2023-4622 kernel: vmwgfx: reference count issue leads to use-after-free in surface handli...
Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling
...