30 matches found
CVE-2026-43089
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
SUSE CVE-2026-31697
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if the firmware command failed. If the failure was due to an invalid...
CVE-2026-31698
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the firmware command failed. If the failure was due to an invalid length...
CVE-2026-31699 crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...
EUVD-2026-26508
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...
EUVD-2026-26507
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the firmware command failed. If the failure was due to an invalid length...
CVE-2026-31697
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if the firmware command failed. If the failure was due to an invalid...
CVE-2026-31698
CVE-2026-31698 affects the Linux kernel crypto CCP Sev driver. The issue arises when retrieving the PDH certificate: if a firmware command fails with an invalid length, the driver may copy data to userspace, causing a kernel-allocated buffer overflow and potential data leakage to the local user. ...
PT-2026-36329
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the crypto CCP component when retrieving the PEK CSR. If a firmware command fails, specifically due to an invalid length where the userspace buffer is too small, the...
PT-2026-35023
In the Linux kernel, the following vulnerability has been resolved: xfrm user: fix info leak in build report struct xfrm user report is a u8 proto field followed by a struct xfrm selector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002727)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002727 advisory. An issue was discovered in the Linux kernel before 4.19.3. cryptoreportone and related functions in crypto/cryptouser.c the crypto user configuration API do not full...
SUSE CVE-2022-50667
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
EUVD-2022-55738
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
CVE-2022-50667
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
DEBIAN-CVE-2022-50667
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
UBUNTU-CVE-2022-50667
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
CVE-2022-50667 drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
CVE-2022-50667 drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
CVE-2022-50667
CVE-2022-50667 affects Linux kernel drm/vmwgfx: memory leak in vmw_mksstat_add_ioctl when copying a userspace description fails, causing a leak of the instance descriptor page. SUSE advisory SUSE-SU-2026:0317-1 (SUSE SLES15 SP5 kernel) lists CVE-2022-50667 among fixed issues, indicating a kernel ...