1000 matches found
CVE-2025-39827
In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in roseneigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct roseneigh tracks references from rosenode structures, while the 'us...
UBUNTU-CVE-2025-39827
In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in roseneigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct roseneigh tracks references from rosenode structures, while the 'us...
CVE-2025-39827
CVE-2025-39827 concerns the Linux kernel net/rose subsystem: the rose_neigh refcounting used two separate counters (count from rose_node and use from rose_sock). The patch merges these into a single refcount (use) and updates rose_rt_free(), rose_rt_device_down(), and rose_clear_route() to releas...
CVE-2025-39827 net: rose: include node references in rose_neigh refcount
In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in roseneigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct roseneigh tracks references from rosenode structures, while the 'us...
CVE-2025-39826 net: rose: convert 'use' field to refcount_t
In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcountt The 'use' field in struct roseneigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a roseneigh structure is freed while still being reference...
Linux Distros Unpatched Vulnerability : CVE-2022-50274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: dvbdev: adopts refcnt to avoid UAF dvbunregisterdevice is known that prone to use-after-free. That is, the cleanup from dvbunregisterdevice releases the...
UBUNTU-CVE-2022-50274
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: adopts refcnt to avoid UAF dvbunregisterdevice is known that prone to use-after-free. That is, the cleanup from dvbunregisterdevice releases the dvbdevice even if there are pointers stored in file-privatedata still...
CVE-2022-50274
CVE-2022-50274 : In the Linux kernel, a use-after-free in dvb_unregister_device() was mitigated by adding a reference counter to struct dvb_device and delaying deallocation until no pointers reference the object. The vulnerability stemmed from cleanup releasing the dvb_device while file->priva...
CVE-2022-50274 media: dvbdev: adopts refcnt to avoid UAF
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: adopts refcnt to avoid UAF dvbunregisterdevice is known that prone to use-after-free. That is, the cleanup from dvbunregisterdevice releases the dvbdevice even if there are pointers stored in file-privatedata still...
CVE-2022-50274 media: dvbdev: adopts refcnt to avoid UAF
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: adopts refcnt to avoid UAF dvbunregisterdevice is known that prone to use-after-free. That is, the cleanup from dvbunregisterdevice releases the dvbdevice even if there are pointers stored in file-privatedata still...
DEBIAN-CVE-2023-53186
In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 "skbuff: fix coalescing for pagepool fragment recycling" allowed coalescing to proceed with non page pool page and page pool page when @from is cloned,...
CVE-2022-50259
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference on the socket. This can cause use-after-free as syzbot found 1 Jakub Sitnicki already took care of a similar issue in sockhashfree i...
kernel: ipv6: mcast: Delay put pmc->idev in mld_del_delrec()
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc-idev in mlddeldelrec pmc-idev is still used in ip6mcclearsrc, so as mldcleardelrec does, the reference should be put after ip6mcclearsrc return...
PT-2025-37498
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the cxl subsystem where a null pointer dereference may occur in the cxl pci init afu|adapter function. Specifically, if device register fails, the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from reference counting not being handled correctly after a new block group is changed to an unused state, which...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized request reference counting, which could lead to the use of uninitialized request data structur...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly managing reference counting, which could lead to reuse after release...
PT-2025-37551
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free vulnerability exists in the Linux kernel's Btrfs file system related to block group management. Specifically, if a task creates a new block group that becomes unused...
UBUNTU-CVE-2025-39764
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
kernel: tipc: Fix use-after-free in tipc_conn_close()
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcconnclose. syzbot reported a null-ptr-deref in tipcconnclose during netns dismantle. 0 tipctopsrvstop iterates tipcnetnet-topsrv-connidr and calls tipcconnclose for each tipcconn. The problem is th...