954 matches found
CVE-2025-71102
In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...
CVE-2025-71102
In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...
CVE-2021-41121
Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0...
SUSE CVE-2023-54235
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...
CVE-2025-50343
An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in MatVarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...
CVE-2023-54235
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...
UBUNTU-CVE-2023-54235
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...
UBUNTU-CVE-2022-50822
In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memory leak as the task struct won't be released...
CVE-2023-54235 PCI/DOE: Fix destroy_work_on_stack() race
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...
CVE-2023-54235 PCI/DOE: Fix destroy_work_on_stack() race
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroyworkonstack race The following debug object splat was observed in testing: ODEBUG: free active active state 0 object: 0000000097d23782 object type: workstruct hint: doestatemachinework+0x0/0x510 WARNING: CPU: ...
CVE-2023-53993
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIGDEBUGOBJECTS=y After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak with CONFIGDEBUGOBJECTS=y...
SUSE CVE-2023-53993
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIGDEBUGOBJECTS=y After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak with CONFIGDEBUGOBJECTS=y...
CVE-2023-54137
In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix capmigration information leak Fix an information leak where an uninitialized hole in struct vfioiommutype1infocapmigration on the stack is exposed to userspace. The definition of struct...
CVE-2025-68738
In the Linux kernel, the MT7996 Wi‑Fi driver fix for CVE-2025-68738 resolves a null pointer dereference in mt7996_conf_tx(). If a link has no assigned channel yet, mt7996_vif_link could return NULL while updates to queue settings still needed, so the fix moves the queue parameter storage inside s...
RUSTSEC-2025-0143 Unsound APIs of public `constant::Reader` and `StructSchema`
The safe API functions constant::Reader::get and StructSchema::new rely on PointerReader::getrootunchecked, which can cause undefined behavior UB by constructing arbitrary words or schemas. Reader::get rust pub fn get&self - Result::Reader // ... // UNSAFE: access words without validation...
CVE-2023-53993
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIGDEBUGOBJECTS=y After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak with CONFIGDEBUGOBJECTS=y...
UBUNTU-CVE-2023-53993
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIGDEBUGOBJECTS=y After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak with CONFIGDEBUGOBJECTS=y...
EUVD-2022-55717
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'iowqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been...
CVE-2022-50639 io-wq: Fix memory leak in worker creation
In the Linux kernel, the following vulnerability has been resolved: io-wq: Fix memory leak in worker creation If the CPU mask allocation for a node fails, then the memory allocated for the 'iowqe' struct of the current node doesn't get freed on the error handling path, since it has not yet been...
SUSE CVE-2025-40279
In the Linux kernel, the following vulnerability has been resolved: net: sched: actconnmark: initialize struct tcife to fix kernel leak In tcfconnmarkdump, the variable 'opt' was partially initialized using a designatied initializer. While the padding bytes are reamined uninitialized. nlaput copi...