95 matches found
DEBIAN-CVE-2025-29480
Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...
UBUNTU-CVE-2025-29480
Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service via the OGRSpatialReference::Release function. NOTE: the Supplier indicates that the report is invalid and could not be reproduced...
GDAL 安全漏洞
GDAL is an open source geospatial data abstraction library from GDAL Open Source. A security vulnerability exists in GDAL version 3.10.2, which originates from a denial of service that can be exploited by a local attacker to cause a buffer overflow via the OGRSpatialReference::Release function...
CVE-2025-21856
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
CVE-2025-21856
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
DEBIAN-CVE-2025-21856
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
UBUNTU-CVE-2025-21856
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
CVE-2025-21856 s390/ism: add release function for struct device
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
CVE-2025-21856
The CVE-2025-21856 issue affects Linux kernel on s390/ISM where devices must have a release function. The kernel previously freed a struct device after device_add() without waiting for other references (e.g., sysfs), allowing a use-after-free if a release function was not set. Root cause: missing...
CVE-2025-21856 s390/ism: add release function for struct device
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
CVE-2025-21856
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
CVE-2025-21856 s390/ism: add release function for struct device
In the Linux kernel, the following vulnerability has been resolved: s390/ism: add release function for struct device According to devicerelease in /drivers/base/core.c, a device without a release function is a broken device and must be fixed. The current code directly frees the device after calli...
UBUNTU-CVE-2022-49568
In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: 1 destroy which is called when the VM is being destroyed; 2 release which is called when a device fd is closed. Most KVM devices use...
CVE-2022-49653 i2c: piix4: Fix a memory leak in the EFCH MMIO support
In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memory leak in that code path. The leak is caused by the fact that releaseresource merely removes the resource...
SUSE CVE-2024-53984
Nanopb is a small code-size Protocol Buffers implementation. When the compile time option PBENABLEMALLOC is enabled, the message contains at least one field with FTPOINTER field type, custom stream callback is used with unknown stream length. and the pbdecodeex function is used with flag...
UBUNTU-CVE-2024-50261
In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadatadst, which is used to store the SCI value for macsec offload, is already freed by metadatadstfree in macsecfreenetdev,...
UBUNTU-CVE-2024-50150
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a reference to it. When registering the altmode, get a reference to the parent and put it in the...
DEBIAN-CVE-2024-49852
In the Linux kernel, the following vulnerability has been resolved: scsi: elx: libefc: Fix potential use after free in efcnportvportdel The krefput function will call nport-release if the refcount drops to zero. The nport-release release function is efcnportfree which frees "nport". But then we...
block: fix deadlock between sd_remove & sd_release
...
CVE-2021-47089
In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 size 248: comm "cat", pid 23327, jiffies 4624670141 age 495992.217s hex dump first 32 bytes: 00 40 85 ...