Lucene search
K

226 matches found

OSV
OSV
added 2026/06/26 8:17 p.m.4 views

UBUNTU-CVE-2026-53290

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/26 2:8 a.m.8 views

SUSE CVE-2026-53251

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...

5.8AI score0.00175EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53251

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...

0.00175EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53251

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...

5.7CVSS5.7AI score0.00175EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53156

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39227

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...

5.7AI score0.0012EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38994

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix disk reference leak in blkcgmaybethrottlecurrent Add the missing putdisk on the error path in blkcgmaybethrottlecurrent. When blkcg lookup, blkg lookup, or blkgtryget fails, the function jumps to the out label whi...

5.8AI score0.00157EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 7:14 a.m.9 views

EUVD-2026-38715

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

5.7AI score0.00142EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears that there were calls to devput without prior calls to devhold, leading to imbalance and UAF Use-After-Fault errors...

7.8CVSS6.2AI score0.0017EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 12:36 p.m.28 views

CVE-2026-52904

The CVE-2026-52904 entry covers a Linux kernel issue in drm/nouveau where nvkm_device leaks occur if aperture_remove_conflicting_pci_devices() fails during probe. The allocated nvkm_device from nvkm_device_pci_new() is not unwound on error, leaking both the device wrapper and the pci_enable_devic...

5.4AI score0.00156EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.12 views

SUSE CVE-2026-46048

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 1:32 a.m.12 views

CVE-2026-45917

A flaw was found in the Linux kernel's IP Virtual Server IPVS component. A race condition exists between the network device notifier and the destination cache when a device is shutting down. This can lead to a leaked device reference, potentially causing system instability or a denial of service...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/27 9:14 p.m.9 views

CVE-2026-46005

A flaw was found in the Linux kernel's xfs filesystem. This resource leak occurs in the xfsallocbuftarg function's error path, where a DAX Direct Access device reference is not properly dropped. An attacker could potentially exploit this flaw to cause resource exhaustion, leading to a Denial of...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.11 views

EUVD-2026-32343

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients During a warm reset flow, the cl-device pointer may be NULL if the reset occurs while clients are still being enumerated. Accessing cl-device-referencecount witho...

5.7AI score0.00155EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.8 views

CVE-2026-46048

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...

5.7AI score0.00123EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/27 12:56 p.m.23 views

CVE-2026-46005

The CVE-2026-46005 issue concerns a resource leak in the XFS code path of the Linux kernel (xfs_alloc_buftarg) where, in error paths, the DAX device reference must be dropped via fs_put_dax(). Connected documents indicate patches and mitigations across multiple distributions: Debian/OpenSUSE OSV ...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References6Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fixed a reference count leak in pprnotifier. According to the comments on pcigetdomainbusandslot, it returns a PCI device with a reference count that increments after use. The caller must decrement the reference count ...

5.5CVSS5.9AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: nfc: Fixed potential resource leaks. nfcgetdevice now takes a reference to the device and adds it; nfcputdevice is added to release it when no longer needed. Additionally, the style warning was corrected by using the error...

6AI score0.00216EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: phy: isp1301: fix non-OF device reference imbalance A recent change to fix a device reference leak in a UDC driver introduced a potential use-after-free in the non-OF case. The isp1301getclient helper only increments the...

7.8CVSS5.3AI score0.00152EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bonding: fix missed rcu protection When removing the rcureadlock in bondethtoolgettsinfo as discussed 1, I didn't notice it could be called via setsockopt, which doesn't hold rcu lock, as syzbot pointed: stack backtrace: CPU: 0...

5.5CVSS5.9AI score0.00243EPSS
Exploits0References2
Rows per page
Query Builder