CVE-2022-48764

CVE-2022-48764 concerns the Linux kernel KVM x86 CPUID handling. The provided documents consistently describe a memory-leak issue where the kernel did not free the kvm_cpuid_entry2 array after successful post-KVM_RUN KVM_SET_CPUID{,2} calls, potentially leaving an unreferenced 2048-byte object (e...

CVE-2024-35849 btrfs: fix information leak in btrfs_ioctl_logical_to_ino()

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfsioctllogicaltoino Syzbot reported the following information leak for in btrfsioctllogicaltoino: BUG: KMSAN: kernel-infoleak in instrumentcopytouser include/linux/instrumented.h:114 inline BUG:...

CVE-2024-26900

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

CVE-2021-47082 tun: avoid double free in tun_free_netdev

In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tunfreenetdev Avoid double free in tunfreenetdev by moving the dev-tstats and tun-security allocs to a new ndoinit routine tunnetinit that will be called by registernetdevice. ndoinit is paired with the...