7 matches found
CVE-2021-47009
CVE-2021-47009 relates to the Linux kernel KEYS: trusted subsystem. The issue is a memory leak in the object td where two error return paths failed to free td, leading to leaked memory. The fix changes control flow to return via an error path that securely frees td with kfree. The description als...
CVE-2021-46922
CVE-2021-46922 affects the Linux kernel KEYS: trusted TPM reservation for seal/unseal. The root cause was a rebased patch that caused tpm_try_get_ops() to be lost in tpm2_seal_trusted(), leading to imbalanced TPM ops and oopses on TIS hardware. The issue has been fixed by restoring the lost tpm_t...
CVE-2024-38555
CVE-2024-38555: In the Linux kernel, the net/mlx5 driver fixes a use-after-free by discarding FW command completions arriving during an internal error state. The patch prevents calling the completion handler when the device will flush the command interface, avoiding use-after-free/refcount underf...
CVE-2022-29156
The CVE-2022-29156 issue is a Linux kernel vulnerability: a double free in drivers/infiniband/ulp/rtrs/rtrs-clt.c (rtrs_clt_dev_release) present in kernels before 5.16.12. This is a local-attackable condition with high impact on confidentiality, integrity, and availability as reflected by CVSS. R...
CVE-2024-36957
CVE-2024-36957 affects the Linux kernel driver octeontx2-af. The vulnerability is due to an off-by-one read from userspace when attempting to copy count + 1 bytes (memdup_user(buffer, count + 1)), while the userspace buffer only contains count bytes. The fix prevents this by using memdup_user_nul...
CVE-2021-47507
CVE-2021-47507 concerns the Linux kernel nfsd startup race. The issue stems from the nsfd startup order: an RPC pipefs event race against nfsd_net_id registration, which was re-opened by commit bd5ae9288d64 and fixed by commit bb7ffbf29e76. The patch sequence restores the order между register_per...
CVE-2025-71084
CVE-2025-71084 (Linux kernel) fixes a leak in the multicast GID table reference within RDMA/cm. If the CM ID is destroyed while the multicast creation event is queued, cancel_work_sync() can prevent the work from running and destroy ah_attr, causing a refcount leak and a WARN in kernel logs. Affe...