Page 439 of 3129 results (0.011 seconds)

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105_setup() If any of sja1105_static_config_load(), sja1105_clocking_setup() or sja1105_devlink_setup() fails, we can't just return in the middle of sja1105_setup() or memory will leak. Add a cleanup path. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: dsa: sja1105: agregue manejo de errores en sja1105_setup() Si alguno de sja1105_static_config_load(), sja1105_clocking_setup() o sja1105_devlink_setup() falla, no podemos simplemente regresar en el medio de sja1105_setup() o se perderá memoria. Agregue una ruta de limpieza. • https://git.kernel.org/stable/c/8aa9ebccae87621d997707e4f25e53fddd7e30e4 https://git.kernel.org/stable/c/dd8609f203448ca6d58ae71461208b3f6b0329b0 https://git.kernel.org/stable/c/987e4ab8b8a4fcbf783069e03e7524cd39ffd563 https://git.kernel.org/stable/c/cec279a898a3b004411682f212215ccaea1cd0fb •

CVSS: 6.0EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunately, the interrupt handler (i801_isr) is not prepared for this situation and will try to process the interrupt as if it was signaling the end of a successful transaction. In the case of a block transaction, this can result in an out-of-range memory access. This condition was reproduced several times by syzbot: https://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e https://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e https://syzkaller.appspot.com/bug? • https://git.kernel.org/stable/c/636752bcb5177a301d0266270661581de8624828 https://git.kernel.org/stable/c/f9469082126cebb7337db3992d143f5e4edfe629 https://git.kernel.org/stable/c/09c9e79f4c10cfb6b9e0e1b4dd355232e4b5a3b3 https://git.kernel.org/stable/c/dfa8929e117b0228a7765f5c3f5988a4a028f3c6 https://git.kernel.org/stable/c/c70e1ba2e7e65255a0ce004f531dd90dada97a8c https://git.kernel.org/stable/c/04cc05e3716ae31b17ecdab7bc55c8170def1b8b https://git.kernel.org/stable/c/b523feb7e8e44652f92f3babb953a976e7ccbbef https://git.kernel.org/stable/c/1f583d3813f204449037cd2acbfc09168 • CWE-125: Out-of-bounds Read •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to 'mptcp_frag_can_collapse_to()' assuming that only MPTCP will use the given page_frag. If others - e.g. the plain TCP protocol - allocate page fragments, we can end-up re-using already allocated memory for mptcp_data_frag. Fix the issue ensuring that the to-be-expanded data fragment is located at the current page frag end. v1 -> v2: - added missing fixes tag (Mat) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: mptcp: corrige la corrupción del flujo de datos Maxim informó varios problemas al forzar a un proxy transparente TCP a utilizar el protocolo MPTCP para las conexiones entrantes. También proporcionó un reproductor limpio. El problema se reduce a 'mptcp_frag_can_collapse_to()' suponiendo que sólo MPTCP utilizará el page_frag dado. Si otros (por ejemplo, el protocolo TCP simple) asignan fragmentos de página, podemos terminar reutilizando la memoria ya asignada para mptcp_data_frag. • https://git.kernel.org/stable/c/18b683bff89d46ace55f12d00c0440d44d6160c4 https://git.kernel.org/stable/c/3267a061096efc91eda52c2a0c61ba76e46e4b34 https://git.kernel.org/stable/c/18e7f0580da15cac1e79d73683ada5a9e70980f8 https://git.kernel.org/stable/c/29249eac5225429b898f278230a6ca2baa1ae154 •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: bcm-voter: add a missing of_node_put() Add a missing of_node_put() in of_bcm_voter_get() to avoid the reference leak. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: interconexión: qcom: bcm-voter: agregar un of_node_put() faltante. Agregue un of_node_put() faltante en of_bcm_voter_get() para evitar la fuga de referencia. • https://git.kernel.org/stable/c/976daac4a1c581e5d5fd64047519fd6fcde39738 https://git.kernel.org/stable/c/4e3cea8035b6f1b9055e69cc6ebf9fa4e50763ae https://git.kernel.org/stable/c/93d1dbe7043b3c9492bdf396b2e98a008435b55b https://git.kernel.org/stable/c/a00593737f8bac2c9e97b696e7ff84a4446653e8 •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory allocated for the queues is failed, it can return error directly. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: fec: soluciona la posible pérdida de memoria en fec_enet_init() Si la memoria asignada para cbd_base falla, debería liberar la memoria asignada para las colas; de lo contrario, provoca una pérdida de memoria. Y si falla la memoria asignada para las colas, puede devolver un error directamente. • https://git.kernel.org/stable/c/59d0f746564495c7f54526674deabfcf101236a1 https://git.kernel.org/stable/c/15102886bc8f5f29daaadf2d925591d564c17e9f https://git.kernel.org/stable/c/20255d41ac560397b6a07d8d87dcc5e2efc7672a https://git.kernel.org/stable/c/8ee7ef4a57a9e1228b6f345aaa70aa8951c7e9cd https://git.kernel.org/stable/c/32a1777fd113335c3f70dc445dffee0ad1c6870f https://git.kernel.org/stable/c/619fee9eb13b5d29e4267cb394645608088c28a8 •