4 matches found
CVE-2024-27396
CVE-2024-27396 affects the Linux kernel net/gtp code: a Use-After-Free in gtp_dellink during RCU traversal (hlist_for_each_entry_rcu) because the traversal isn’t inside the RCU read critical section. The fix replaces the traversal with hlist_for_each_entry_safe to ensure the key isn’t freed durin...
CVE-2021-47455
The CVE-2021-47455 issue is a Linux kernel memory-leak in ptp_clock_register. When posix_clock_register() fails, the device name allocated via dev_set_name() is leaked instead of being freed, with memory freed later by kobject_cleanup() and ptp_clock_release(). The linked Nessus/Unity advisories ...
CVE-2025-37911
CVE-2025-37911 affects the bnxt_en driver in the Linux kernel. The issue is an out-of-bounds memcpy when retrieving a firmware coredump via ethtool -w, which can lead to memory corruption. The root cause is a mismatch between the DMA-length returned by the firmware and info->dest_buf size when...
CVE-2023-53234
The CVE-2023-53234 entry relates to the Linux kernel watchdog subsystem. The attached description and connected Nessus advisories confirm a root-cause: put_device is not called in all code paths when cdev_device_add fails and wdd->id != 0, leading to leaks in watchdog_dev_register paths. The f...