CVE-2023-54294 md/raid10: fix memleak of md thread

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix memleak of md thread In raid10run, if setupconf succeed and raid10run failed before setting 'mddev-thread', then in the error path 'conf-thread' is not freed. Fix the problem by setting 'mddev-thread' right after...

CVE-2023-54275

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix memory leak in ath11kpeerrxfragsetup cryptoallocshash allocates resources, which should be released by cryptofreeshash. When ath11kpeerfind fails, there has memory leak. Add missing cryptofreeshash to fix this...

CVE-2023-54275 wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix memory leak in ath11kpeerrxfragsetup cryptoallocshash allocates resources, which should be released by cryptofreeshash. When ath11kpeerfind fails, there has memory leak. Add missing cryptofreeshash to fix this...

CVE-2023-54162

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2lock argv needs to be free when setupasyncwork fails or when the current process is woken up...

CVE-2023-54162

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2lock argv needs to be free when setupasyncwork fails or when the current process is woken up...

UBUNTU-CVE-2023-54162

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2lock argv needs to be free when setupasyncwork fails or when the current process is woken up...

CVE-2023-54233 ASoC: SOF: avoid a NULL dereference with unsupported widgets

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field won't be set, then sofipc4routesetup will cause a kernel Oops trying to dereference it. Add a...

CVE-2022-50837 net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path

In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag8021q: avoid leaking ctx on dsatag8021qregister error path If dsatag8021qsetup fails, for example due to the inability of the device to install a VLAN, the tag8021q context of the switch will leak. Make sure it is...

CVE-2022-50837 net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path

In the Linux kernel, the following vulnerability has been resolved: net: dsa: tag8021q: avoid leaking ctx on dsatag8021qregister error path If dsatag8021qsetup fails, for example due to the inability of the device to install a VLAN, the tag8021q context of the switch will leak. Make sure it is...

CVE-2022-50836 remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()

In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcomaddsysmonsubdev The kfree should be called when ofirqgetbyname fails or devmrequestthreadedirq fails in qcomaddsysmonsubdev, otherwise there will be a memory leak, so add kfree to fix it...

CVE-2023-54162 ksmbd: fix possible memory leak in smb2_lock()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2lock argv needs to be free when setupasyncwork fails or when the current process is woken up...

Malicious code in rippling-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bac12bb851f49ac4801addcf6964c854abe90430140d3e75e4eefcd4c7cf1bf0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-192962 Malicious code in rippling-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bac12bb851f49ac4801addcf6964c854abe90430140d3e75e4eefcd4c7cf1bf0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

PT-2025-53955

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's networking subsystem related to DSA Distributed Switch Architecture and 802.1Q tagging. Specifically, if the dsa tag 8021q setup function fails, such ...

Edimax BR-6208AC 输入验证错误漏洞

The Edimax BR-6208AC is a wireless router from Taiwan, China-based Xunzhou Edimax. An input validation error vulnerability exists in Edimax BR-6208AC version 1.02 and 1.03, which stems from incorrect operation of the parameter wlan-url in the file /goform/formALGSetup, which could lead to an open...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992190)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992190 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory,...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992356)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992356 advisory. In the Linux kernel, the following vulnerability has been resolved: can: bcm: bcmtxsetup: fix KMSAN uninit-value in vfswrite Syzkaller reported the following issue:...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992507)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992507 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: fix potential memory leak in setupbasectxt setupbasectxt allocates a memory chunk for...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992391 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispcovlsetup is not intended to work with the...

CVE-2025-69200

phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated remote attacker can trigger generation of a configuration backup ZIP via POST /api/setup/backup and then download the generated ZIP from a web-accessible location. The ZIP contains sensitive...