7906 matches found
UBUNTU-CVE-2023-53276
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
UBUNTU-CVE-2023-53268
In the Linux kernel, the following vulnerability has been resolved: ASoC: fslmqs: move ofnodeput to the correct location ofnodeput should have been done directly after mqspriv-regmap = sysconnodetoregmapgprnp; otherwise it creates a reference leak on the success path. To fix this, ofnodeput is...
CVE-2023-53276 ubifs: Free memory for tmpfile name
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
CVE-2023-53276
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscryptsetupfilename allocates memory for the name that is to be stored in the directory entry, but after the name has been copi...
CVE-2023-53268
The CVE-2023-53268 entry concerns the Linux kernel ASoC: fsl_mqs component. A use-after-success reference leak occurred due to of_node_put() not being invoked at the correct point after mqs_priv->regmap = syscon_node_to_regmap(gpr_np). The fix moves of_node_put() to the proper location and con...
CVE-2023-53268 ASoC: fsl_mqs: move of_node_put() to the correct location
In the Linux kernel, the following vulnerability has been resolved: ASoC: fslmqs: move ofnodeput to the correct location ofnodeput should have been done directly after mqspriv-regmap = sysconnodetoregmapgprnp; otherwise it creates a reference leak on the success path. To fix this, ofnodeput is...
DEBIAN-CVE-2023-53207
In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...
CVE-2022-50284
In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in initmqueuefs When setupmqsysctls failed in initmqueuefs, mqueueinodecachep is not released. In order to fix this issue, the release path is reordered...
DEBIAN-CVE-2022-50284
In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in initmqueuefs When setupmqsysctls failed in initmqueuefs, mqueueinodecachep is not released. In order to fix this issue, the release path is reordered...
UBUNTU-CVE-2023-53207
In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublkctrlendrecovery, if waitforcompletioninterruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDENDUSERRECOVERY,...
UBUNTU-CVE-2022-50284
In the Linux kernel, the following vulnerability has been resolved: ipc: fix memory leak in initmqueuefs When setupmqsysctls failed in initmqueuefs, mqueueinodecachep is not released. In order to fix this issue, the release path is reordered...
CVE-2023-53256 firmware: arm_ffa: Fix FFA device names for logical partitions
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix FFA device names for logical partitions Each physical partition can provide multiple services each with UUID. Each such service can be presented as logical partition with a unique combination of VM ID and...
CVE-2022-50310 ip6mr: fix UAF issue in ip6mr_sk_done() when addrconf_init_net() failed
In the Linux kernel, the following vulnerability has been resolved: ip6mr: fix UAF issue in ip6mrskdone when addrconfinitnet failed If the initialization fails in calling addrconfinitnet, devconfall is the pointer that has been released. Then ip6mrskdone is called to release the net, accessing...
CVE-2022-50310 ip6mr: fix UAF issue in ip6mr_sk_done() when addrconf_init_net() failed
In the Linux kernel, the following vulnerability has been resolved: ip6mr: fix UAF issue in ip6mrskdone when addrconfinitnet failed If the initialization fails in calling addrconfinitnet, devconfall is the pointer that has been released. Then ip6mrskdone is called to release the net, accessing...
CVE-2022-50310
Summary: CVE-2022-50310 affects the Linux kernel and describes a use-after-free (UAF) in ip6mr_sk_done() when addrconf_init_net() fails during net initialization. The vulnerability arises because devconf_all is freed during addrconf_init_net() failure, but ip6mr_sk_done() later accesses devconf-&...
Malicious code in torchflow-experimental (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0decd5e107b4f4bcb30d89989826165495578644d07e40508c616acab44dbc18 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191907 Malicious code in torchflow-experimental (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 0decd5e107b4f4bcb30d89989826165495578644d07e40508c616acab44dbc18 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in amd-taichi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f9a360052987b7df8a2686b98678789e6699d7f6592a2191a5d6346a7897d7d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191678 Malicious code in amd-taichi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f9a360052987b7df8a2686b98678789e6699d7f6592a2191a5d6346a7897d7d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
CVE-2023-53207
CVE-2023-53207 applies to the Linux kernel ublk subsystem. The issue arises in ublk_ctrl_end_recovery: if wait_for_completion_interruptible() is interrupted by a signal, queues aren’t yet fully set up, so the kernel must fail UBLK_CMD_END_USER_RECOVERY to avoid a kernel oops. The CVSS 3.1 data in...