Page 370 of 2797 results (0.010 seconds)

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix sysfs leak in alloc_iommu() iommu_device_sysfs_add() is called before, so is has to be cleaned on subsequent errors. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: iommu/vt-d: corrige la fuga de sysfs en alloc_iommu() iommu_device_sysfs_add() se llama antes, por lo que debe limpiarse en caso de errores posteriores. • https://git.kernel.org/stable/c/39ab9555c24110671f8dc671311a26e5c985b592 https://git.kernel.org/stable/c/22da9f4978381a99f1abaeaf6c9b83be6ab5ddd8 https://git.kernel.org/stable/c/2ec5e9bb6b0560c90d315559c28a99723c80b996 https://git.kernel.org/stable/c/044bbe8b92ab4e542de7f6c93c88ea65cccd8e29 https://git.kernel.org/stable/c/f01134321d04f47c718bb41b799bcdeda27873d2 https://git.kernel.org/stable/c/ca466561eef36d1ec657673e3944eb6340bddb5b https://git.kernel.org/stable/c/0ee74d5a48635c848c20f152d0d488bf84641304 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced object 0xffff888101113800 (size 2048): comm "kworker/0:1", pid 7, jiffies 4294956777 (age 28.870s) hex dump (first 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1........... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................ backtrace: [<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline] [<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline] [<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582 [<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline] [<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline] [<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline] [<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 [<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275 [<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421 [<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292 [<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc/uss720: corrige la pérdida de memoria en uss720_probe uss720_probe olvida disminuir el recuento de usbdev en uss720_probe. Solucione este problema disminuyendo el recuento de usbdev por usb_put_dev. ERROR: pérdida de memoria, objeto sin referencia 0xffff888101113800 (tamaño 2048): comunicación "kworker/0:1", pid 7, jiffies 4294956777 (edad 28,870 s) volcado hexadecimal (primeros 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1.......... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................. ... seguimiento: [] kmalloc include/linux/slab.h:554 [en línea] [] kzalloc include/linux/slab.h:684 [en línea] [] usb_alloc_dev+0x32/ 0x450 controladores/usb/core/usb.c:582 [] hub_port_connect drivers/usb/core/hub.c:5129 [en línea] [] hub_port_connect_change drivers/usb/core/hub.c:5363 [ en línea] [] port_event drivers/usb/core/hub.c:5509 [en línea] [] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 [] Process_one_work+ 0x2c9/0x600 kernel/workqueue.c:2275 [] trabajador_thread+0x59/0x5d0 kernel/workqueue.c:2421 [] kthread+0x178/0x1b0 kernel/kthread.c:292 [ ] ret_from_fork +0x1f/0x30 arco/x86/entrada/entrada_64.S:294 • https://git.kernel.org/stable/c/0f36163d3abefbda1b21a330b3fdf3c2dc076d94 https://git.kernel.org/stable/c/5f46b2410db2c8f26b8bb91b40deebf4ec184391 https://git.kernel.org/stable/c/7889c70e6173ef358f3cd7578db127a489035a42 https://git.kernel.org/stable/c/bcb30cc8f8befcbdbcf7a016e4dfd4747c54a364 https://git.kernel.org/stable/c/386918878ce4cd676e4607233866e03c9399a46a https://git.kernel.org/stable/c/36b5ff1db1a4ef4fdbc2bae364344279f033ad88 https://git.kernel.org/stable/c/5394ae9d8c7961dd93807fdf1b12a1dde96b0a55 https://git.kernel.org/stable/c/a3c3face38cb49932c62adcc1289914f1 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as part of a fix to ensure we didn't rely on the ordering of child nodes. So we need to support arbitrary ordering but they all need to be there somewhere. Note I hit this when using qemu to test the rest of this series. Arguably this isn't the best fix, but it is probably the most minimal option for backporting etc. Alexandru's sign-off is here because he carried this patch in a larger set that Jonathan then applied. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: iio: adc: ad7124: Se corrige posible desbordamiento por números de canales no secuenciales. La numeración de canales debe comenzar en 0 y luego no tener huecos, o es posible que se desborde el almacenamiento disponible. • https://git.kernel.org/stable/c/5408cbc6337300d6f1a87c797273c535ed96305a https://git.kernel.org/stable/c/d7857e4ee1ba69732b16c73b2f2dde83ecd78ee4 https://git.kernel.org/stable/c/f49149964d2423fb618fb6b755bb1eaa431cca2c https://git.kernel.org/stable/c/f70122825076117787b91e7f219e21c09f11a5b9 https://git.kernel.org/stable/c/26da8040eccc6c6b0e415e9a3baf72fd39eb2fdc https://git.kernel.org/stable/c/f2a772c51206b0c3f262e4f6a3812c89a650191b • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline] [<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline] [<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460 [<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728 En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: usb: corrige la pérdida de memoria en smsc75xx_bind Syzbot informó una pérdida de memoria en smsc75xx_bind(). El problema era que la memoria no se liberaba en caso de errores después de la asignación de memoria. backtrace: [] kmalloc include/linux/slab.h:556 [en línea] [] kzalloc include/linux/slab.h:686 [en línea] [] smsc75xx_bind+0x7a/0x334 controladores/ net/usb/smsc75xx.c:1460 [] usbnet_probe+0x3b6/0xc30 controladores/net/usb/usbnet.c:1728 • https://git.kernel.org/stable/c/d0cad871703b898a442e4049c532ec39168e5b57 https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa https://git.kernel.org/stable/c/22c840596af0c09068b6cf948616e6496e59e07f https://git.kernel.org/stable/c/9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc https://git.kernel.org/stable/c/9e6a3eccb28779710cbbafc4f4258d92509c6d07 https://git.kernel.org/stable/c/b95fb96e6339e34694dd578fb6bde3575b01af17 https://git.kernel.org/stable/c/635ac38b36255d3cfb8312cf7c471334f4d537e0 https://git.kernel.org/stable/c/70c886ac93f87ae7214a0c69151a28a80 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: USB: usbfs: Don't WARN about excessively large memory allocations Syzbot found that the kernel generates a WARNing if the user tries to submit a bulk transfer through usbfs with a buffer that is way too large. This isn't a bug in the kernel; it's merely an invalid request from the user and the usbfs code does handle it correctly. In theory the same thing can happen with async transfers, or with the packet descriptor table for isochronous transfers. To prevent the MM subsystem from complaining about these bad allocation requests, add the __GFP_NOWARN flag to the kmalloc calls for these buffers. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: USB: usbfs: No ADVERTIR sobre asignaciones de memoria excesivamente grandes. Syzbot descubrió que el kernel genera una ADVERTENCIA si el usuario intenta enviar una transferencia masiva a través de usbfs con un búfer demasiado grande. Esto no es un error en el kernel; es simplemente una solicitud no válida del usuario y el código usbfs la maneja correctamente. • https://git.kernel.org/stable/c/2ab21d6e1411999b5fb43434f421f00bf50002eb https://git.kernel.org/stable/c/2c835fede13e03f2743a333e4370b5ed2db91e83 https://git.kernel.org/stable/c/8d83f109e920d2776991fa142bb904d985dca2ed https://git.kernel.org/stable/c/9f7cb3f01a10d9064cf13b3d26fb7e7a5827d098 https://git.kernel.org/stable/c/4f2629ea67e7225c3fd292c7fe4f5b3c9d6392de •