52 matches found
SUSE CVE-2026-45990
In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...
CVE-2026-45990
In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...
CVE-2026-45990
In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...
CVE-2026-45990
slub: fix data loss and overflow in krealloc...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential memoryleak in kmemcacheopen In error path, the randomseq of slub cache might be leaked. Fix this by using kmemcacherelease to release all the relevant resources...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: mm/slub: Fixed the issue by returning errno if kmalloc fails. In createuniqueid, kmalloc, GFPKERNEL may fail due to out-of-memory conditions. If this happens, errno should be returned correctly instead of triggering a panic via...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007048)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007048 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...
SUSE CVE-2025-71110
In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...
CVE-2025-71110
In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...
CVE-2025-71110
Technical details about CVE-2025-71110 are not publicly available in the provided connected documents. No specific affected products, versions, or remediation information are disclosed here; monitor for updates.
CVE-2025-71110 mm/slub: reset KASAN tag in defer_free() before accessing freed memory
In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...
CVE-2025-71110
In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...
CVE-2025-71110
In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...
PT-2026-2871
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s mm/slub component related to memory management when CONFIG SLUB TINY is enabled and on ARM64 systems with Memory Tagging Extension MTE. Specifically,...
kernel: mm: slub: avoid wake up kswapd in set_track_prepare
A deadlock lock recursion vulnerability exists in the linux kernel such that when CONFIGDEBUGOBJECTSTIMERS is set, may wake up kswapd in settrackprepare, and try to hold the percpuhrtimerbases lock...
CVE-2025-68199
In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAGEMPTY in markobjextsempty for slabobjext When allocslabobjexts fails and then later succeeds in allocating a slab extension vector, it calls handlefailedobjextsalloc to mark all objects in t...
EUVD-2025-31849
The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter,...
AZL-68019 CVE-2025-39902 affecting package kernel for versions less than 6.6.112.1-1
In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to...
CVE-2025-39902
In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details of an object for further debugging, such as the freelist pointer, redzone, etc. However, if the pointer is invalid, attempting to...