68528 matches found
CVE-2023-53397
In the Linux kernel, the following vulnerability has been resolved: modpost: fix off by one in isexecutablesection The comparison should be = to prevent an out of bounds array access...
CVE-2023-53375
In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...
CVE-2023-53396
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in dorename If renaming a file in an encrypted directory, function fscryptsetupfilename allocates memory for a file name. This name is never used, and before returning to the caller the memory for it is not...
CVE-2023-53374
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fail SCO/ISO via hciconnfailed if ACL gone early Not calling hcidisconnectcfm before deleting conn referred to by a socket generally results to use-after-free. When cleaning up SCO connections when the parent...
CVE-2022-50396
In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindexsetparms Syzkaller reports a memory leak as follows: ==================================== BUG: memory leak unreferenced object 0xffff88810c287f00 size 256: comm "syz-executor105", pid 3600,...
CVE-2023-53402
In the Linux kernel, the following vulnerability has been resolved: kernel/printk/index.c: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...
CVE-2022-50391
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in setmempolicyhomenode system call When encountering any vma in the range with policy other than MPOLBIND or MPOLPREFERREDMANY, an error is returned without issuing a mpolput on the policy just...
CVE-2022-50375
In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: disable dma rx/tx use flags in lpuartdmashutdown lpuartdmashutdown tears down lpuart dma, but lpuartflushbuffer can still occur which in turn tries to access dma apis if lpuartdmatxuse flag is true. At thi...
CVE-2022-50393
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: SDMA update use unlocked iterator SDMA update page table may be called from unlocked context, this generate below warning. Use unlocked iterator to handle this case. WARNING: CPU: 0 PID: 1475 at...
CVE-2023-53381
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix leaked reference count of nfsd4sscumountitem The reference count of nfsd4sscumountitem is not decremented on error conditions. This prevents the laundromat from unmounting the vfsmount of the source file. This patch...
CVE-2022-50389
In the Linux kernel, the following vulnerability has been resolved: tpm: tpmcrb: Add the missed acpiputtable to fix memory leak In crbacpiadd, we get the TPM2 table to retrieve information like start method, and then assign them to the priv data, so the TPM2 table is not used after the init, shou...
CVE-2022-50385
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfsdautomount When mounting from a NFSv4 referral, path-dentry can end up being a negative dentry, so derive the struct nfsserver from the dentry itself instead...
CVE-2022-50387
In the Linux kernel, the following vulnerability has been resolved: net: hinic: fix the issue of CMDQ memory leaks When hinicsetcmdqdepth fails in hinicinitcmdqs, the cmdq memory is not released correctly. Fix it...
CVE-2022-50379
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota enable and quota rescan ioctl When enabling quotas, at btrfsquotaenable, after committing the transaction, we change fsinfo-quotaroot to point to the quota root we created and set BTRFSFSQUOTAENABLED...
CVE-2022-50383
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Can't set dst buffer to done when lat decode error Core thread will call v4l2m2mbufdone to set dst buffer done for lat architecture. If lat call v4l2m2mbufdoneandjobfinish to free dst buffer when lat deco...
CVE-2023-53387
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...
CVE-2023-53373
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...
CVE-2023-53390
In the Linux kernel, the following vulnerability has been resolved: drivers: base: dd: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...
CVE-2023-53411
In the Linux kernel, the following vulnerability has been resolved: PM: EM: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead which...
CVE-2023-53408
In the Linux kernel, the following vulnerability has been resolved: trace/blktrace: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instea...
CVE-2023-53371
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5efsttredirectanycreate The memory pointed to by the fs-any pointer is not freed in the error path of mlx5efsttredirectanycreate, which can lead to a memory leak. Fix by freeing the memory in the...
CVE-2022-50378
In the Linux kernel, the following vulnerability has been resolved: drm/meson: reorder driver deinit sequence to fix use-after-free bug Unloading the driver triggers the following KASAN warning: +0.006275 ============================================================= +0.000029 BUG: KASAN:...
CVE-2022-50377
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-53412
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: bcm63xxudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremo...
CVE-2023-53416
In the Linux kernel, the following vulnerability has been resolved: USB: isp1362: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
CVE-2023-53395
In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of...
CVE-2022-50400
In the Linux kernel, the following vulnerability has been resolved: staging: greybus: audiohelper: remove unused and wrong debugfs usage In the greybus audiohelper code, the debugfs file for the dapm has the potential to be removed and memory will be leaked. There is also the very real potential...
CVE-2023-53372
In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...
CVE-2023-53369
In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCBATTRBCN The dcbnlbcnsetcfg uses erroneous policy to parse tbDCBATTRBCN, which is introduced in commit 859ee3c43812 "DCB: Add support for DCB BCN". Please see the comment in below code...
CVE-2023-53370
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix memory leak in mes self test The fences associated with mes queue have to be freed up during amdgpuringfini...
CVE-2022-50386
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...
CVE-2023-53413
In the Linux kernel, the following vulnerability has been resolved: USB: isp116x: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
CVE-2023-53399
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL pointer dereference in smb2getinfofilesystem If share is , share-path is NULL and it cause NULL pointer dereference issue...
CVE-2023-53406
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: pxa25xudc: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremov...
CVE-2022-50394
In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismtaccess When the driver does not check the data from the user, the variable 'data-block0' may be very large to cause an out-of-bounds bug. The following log can reveal it: 33.995542 i2c...
CVE-2025-4444
A security flaw has been discovered in Tor up to 0.4.7.16/0.4.8.17. Impacted is an unknown function of the component Onion Service Descriptor Handler. Performing manipulation results in resource consumption. The attack may be initiated remotely. The attack's complexity is rated as high. The...
CVE-2023-53385
In the Linux kernel, the following vulnerability has been resolved: media: mdp3: Fix resource leaks in offinddevicebynode Use putdevice to release the object get through offinddevicebynode, avoiding resource leaks...
CVE-2022-50390
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...
CVE-2023-53410
In the Linux kernel, the following vulnerability has been resolved: USB: ULPI: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...
CVE-2022-50399
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: prevent integer overflow in shcsssetblackframe The "height" and "width" values come from the user so the "height width" multiplication can overflow...
CVE-2023-53415
In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...
CVE-2022-50395
In the Linux kernel, the following vulnerability has been resolved: integrity: Fix memory leakage in keyring allocation error path Key restriction is allocated in integrityinitkeyring. However, if keyring allocation failed, it is not freed, causing memory leaks...
CVE-2023-53404
In the Linux kernel, the following vulnerability has been resolved: USB: fotg210: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
CVE-2023-53376
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...
CVE-2023-53409
In the Linux kernel, the following vulnerability has been resolved: drivers: base: component: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call...
CVE-2023-53403
In the Linux kernel, the following vulnerability has been resolved: time/debug: Fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
CVE-2022-50397
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2022-50392
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8183: fix refcount leak in mt8183mt6358ts3a227max98357devprobe The node returned by ofparsephandle with refcount incremented, ofnodeput needs be called when finish using it. So add it in the error path in...
CVE-2023-53394
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...
CVE-2022-50384
In the Linux kernel, the following vulnerability has been resolved: staging: vmeuser: Fix possible UAF in tsi148dmalistadd Smatch report warning as follows: drivers/staging/vmeuser/vmetsi148.c:1757 tsi148dmalistadd warn: '&entry-list' not removed from list In tsi148dmalistadd, the error path "got...