CVE-2023-54115

In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...

UBUNTU-CVE-2023-54112

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...

UBUNTU-CVE-2023-54115

In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...

CVE-2023-54114 net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()

In the Linux kernel, the following vulnerability has been resolved: net: nsh: Use correct macoffset to unwind gso skb in nshgsosegment As the call trace shows, skbpanic was caused by wrong skb-macheader in nshgsosegment: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 PID: 2737 Comm: syz Not...

CVE-2023-54115 pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()

In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...

CVE-2023-54115

CVE-2023-54115 involves a memory leak in the Linux kernel PCMCIA subsystem: nonstatic_release_resource_db() may forget to free socket_data when freeing resources for a PCMCIA socket. A fix ensures socket_data is freed as part of the cleanup. Details appear in vendor advisories (e.g., Astra/Unity/...

CVE-2023-54115 pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()

In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When nonstaticreleaseresourcedb frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with...

CVE-2023-54112 kcm: Fix memory leak in error path of kcm_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcmsendmsg syzbot reported a memory leak like below: BUG: memory leak unreferenced object 0xffff88810b088c00 size 240: comm "syz-executor186", pid 5012, jiffies 4294943306 age 13.680s hex dum...

CVE-2023-54094

CVE-2023-54094 — Linux kernel : The issue arises when GRO-ed packets (rx-gro-list) are bridged to local input and an egress device, where segmentation writes into cloned skbs with shared heads, risking skb corruption and a NULL dereference. A fix was implemented by uncloning as needed for the skb...

CVE-2023-54094 net: prevent skb corruption on frag list segmentation

In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: 62.624003 BUG: kernel NULL pointer dereference, address: 00000000000000c0...

CVE-2023-54082 af_unix: Fix null-ptr-deref in unix_stream_sendpage().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix null-ptr-deref in unixstreamsendpage. Bing-Jhong Billy Jheng reported null-ptr-deref in unixstreamsendpage with detailed analysis and a nice repro. unixstreamsendpage tries to add data to the last skb in the peer's re...

EUVD-2025-205101

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlanxmitone Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...

CVE-2023-54051 net: do not allow gso_size to be set to GSO_BY_FRAGS

In the Linux kernel, the following vulnerability has been resolved: net: do not allow gsosize to be set to GSOBYFRAGS One missing check in virtionethdrtoskb allowed syzbot to crash kernels again 1 Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel....

CVE-2023-54052 wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...

CVE-2023-54052 wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...

CVE-2022-50732

CVE-2022-50732 affects the Linux kernel, specifically the staging driver rtl8192u. The vulnerability is a use-after-free in the ieee80211_rx flow: the skb pointer must not be dereferenced after the call to ieee80211_monitor_rx(), but it may be if the sequence is not ordered correctly. The descrip...

CVE-2022-50732 staging: rtl8192u: Fix use after free in ieee80211_rx()

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192u: Fix use after free in ieee80211rx We cannot dereference the "skb" pointer after calling ieee80211monitorrx, because it is a use after free...

CVE-2025-68372

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config put in recvwork There is one uaf issue in recvwork when running NBDCLEARSOCK and NBDCMDRECONFIGURE: nbdgenlconnect // confref=2 connect and recvwork A nbdopen // confref=3 recvwork A done // confref=2 NBDCLEARSO...

AZL-73123 CVE-2025-68372 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config put in recvwork There is one uaf issue in recvwork when running NBDCLEARSOCK and NBDCMDRECONFIGURE: nbdgenlconnect // confref=2 connect and recvwork A nbdopen // confref=3 recvwork A done // confref=2 NBDCLEARSO...

UBUNTU-CVE-2025-68725

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...