CVE-2026-47328

The CVE affects Ubuntu Linux versions 6.8, 6.17 and 7.0, where AppArmor SAUCE patches incorrectly free a pointer that was not kmalloc’d and leak memory. The vulnerability can be triggered by an unprivileged local user and may lead to slab metadata corruption and resource exhaustion. Root cause: d...

CVE-2026-47328 Invalid pointer deallocation in Ubuntu Linux AppArmor notification handling

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmallocd, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata an...

SUSE CVE-2026-46029

In the Linux kernel, the following vulnerability has been resolved: mm/slab: return NULL early from kmallocnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, kmallocnolock called from NMI context can...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Fixed KASAN: slab-out-of-bounds read in fib6nhflushexceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag ‘fixes’ of git://git.kernel.org/pub/scm.. git tree:...

CVE-2024-56566

A use-after-free list corruption vulnerability was found in the Linux kernel. If an allocated object fails in allocconsistencychecks, all objects of the slab will be marked as used and the slab will be removed from the partial list. When an object belonging to the slab gets freed later, the...

CVE-2024-56566

The CVE-2024-56566 issue affects the Linux kernel mm/slub code. If alloc_consistency_checks fails during slab allocation, objects in that slab can be marked as used and the slab removed from the partial list, but later freeing an object could trigger remove_full() on a slab that is neither in the...

Oracle Linux 5 : ELSA-2012-1540-1: / kernel (ELSA-2012-15401)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-15401 advisory. - The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows...

SUSE CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

DEBIAN-CVE-2018-12233

In the eaget function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered by an unprivileged user with the ability to creat...

Kernel slab corruption in the inotify subsystem of the linux Linux kernel - CVE-2017-7533

No description provided...

Linux Kernel 4.12 Race Condition Vulnerability

A race condition was found in the Linux kernel versions 3.14-rc1 through 4.12. The race happens between threads of inotifyhandleevent and vfsrename while running the rename operation against the same file. The next slab data or the slab's free list pointer can be corrupted with attacker-controlle...

kernel: net: slab corruption from use after free on INIT collisions

A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...

kernel security and bug fix update

2.6.32-504.16.2 - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181173 1179327 CVE-2014-8159 2.6.32-504.16.1 - fs gfs2: Move gfs2filesplicewrite outside of ifdef Robert S Peterson 1198329 1193559 - security keys: close race between key lookup and freeing...

kernel: net: slab corruption from use after free on INIT collisions

A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-68.1.2 - IB/core: Prevent integer overflow in ibumemget address arithmetic Shachar Raindel Orabug: 20799875 CVE-2014-8159 CVE-2014-8159 3.8.13-68.1.1 - xen-pciback: limit guest control of command register Jan Beulich Orabug: 20697017 CVE-2015-2150 CVE-2015-2150 - net: sctp: fix...

Unbreakable Enterprise kernel security update

kernel-uek 2.6.32-400.37.3 - net: sctp: fix slab corruption from use after free on INIT collisions Daniel Borkmann Orabug: 20780349 CVE-2015-1421...

kernel: net: slab corruption from use after free on INIT collisions

A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system...

DEBIAN-CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...

CVE-2015-1421

Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...