Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: hifusb: A use-after-free issue has been fixed in ath9khifusbregincb. It is possible that the skb buffer is freed during ath9khtcrxmsg, and then usbsubmiturb fails. As a result, we try to free the skb buffer again,...

CVE-2022-50655

In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the following: r0 = openat$ppp0xffffffffffffff9c, &0x7f0000000000, 0xc0802, 0x0 ioctl$PPPIOCNEWUNITr0, 0xc004743e, &0x7f00000000c0...

CVE-2025-40175 idpf: cleanup remaining SKBs in PTP flows

In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp value, one of the first steps is to clone SKB using skbget. It increases the reference counter for that SKB to prevent unexpected freeing by another...

EUVD-2025-12845

Malicious code in bioql PyPI...

CVE-2022-49924

In the Linux kernel, the following vulnerability has been resolved: nfc: fdp: Fix potential memory leak in fdpncisend fdpncisend will call fdpncii2cwrite that will not free skb in the function. As a result, when fdpncii2cwrite finished, the skb will memleak. fdpncisend should free skb after...

CVE-2022-49924

CVE-2022-49924 : In the Linux kernel NFC fdp path, fdp_nci_send() calls fdp_nci_i2c_write() which may not free the skb, causing a memory leak when the I2C write completes. The public impact is a potential memory leak affecting kernel availability (CVSS base 5.5, HIGH for availability) with no imp...

CVE-2022-49923

The CVE affects the Linux kernel nxp-nci path (nfc: nxp-nci: Fix potential memory leak in nxp_nci_send). The root cause is that nxp_nci_send() frees the allocated skb only on nxp_nci_i2c_write() failure; when the write succeeds, nxp_nci_i2c_write() does not free the skb, causing a memory leak. A ...

CVE-2022-49923 nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()

In the Linux kernel, the following vulnerability has been resolved: nfc: nxp-nci: Fix potential memory leak in nxpncisend nxpncisend will call nxpncii2cwrite, and only free skb when nxpncii2cwrite failed. However, even if the nxpncii2cwrite run succeeds, the skb will not be freed in nxpncii2cwrit...

CVE-2022-49922 nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()

In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix potential memory leak in nfcmrvli2cncisend nfcmrvli2cncisend will be called by nfcmrvlncisend, and skb should be freed in nfcmrvli2cncisend. However, nfcmrvlncisend will only free skb when i2cmastersend return =...

PT-2025-18526 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the net/x25 component. The x25 lapb receive frame function uses skb copy to obtain a private copy of skb...

CVE-2024-56609

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: use ieee80211purgetxqueue to purge TX skb When removing kernel modules by: rmmod rtw888723cs rtw888703b rtw888723x rtw88sdio rtw88core Driver uses skbqueuepurge to purge TX skb, but not report tx status causing "Have...

LSN-0108-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and cryptoaeaddecrypt returns -EBUSY, tlsdodecryption will wait until all async decryptions have completed. If one of them fails,...

SUSE CVE-2024-47711

In the Linux kernel, the following vulnerability has been resolved: afunix: Don't return OOB skb in manageoob. syzbot reported use-after-free in unixstreamrecvurg. 0 The scenario is 1. sendMSGOOB 2. recvMSGOOB - The consumed OOB remains in recv queue 3. sendMSGOOB 4. recv - manageoob returns the...

AZL-67737 CVE-2024-35839 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nfbridgeinfo An skb can be added to a neigh-arpqueue while waiting for an arp reply. Where original skb's skb-dev can be different to neigh's neigh-dev. For instance in case o...

CVE-2024-26887 Bluetooth: btusb: Fix memory leak

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Fix memory leak This checks if CONFIGDEVCOREDUMP is enabled before attempting to clone the skb and also make sure btmtkprocesscoredump frees the skb passed following the same logic...

GSD-2021-1001088 net: ll_temac: Make sure to free skb when it is completely used

net: lltemac: Make sure to free skb when it is completely used This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.13 by commit...