252 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Macintosh: A possible memory leak in macioaddonedevice has been fixed. After committing 1fa5ae857bb1 “driver core: get rid of struct device’s busid string array”, the name of the device is allocated dynamically. This memory...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: Fixed a possible name leak in rioregistermport. If deviceregister returns an error, the name allocated by devsetname needs to be freed. This should be done using putdevice, so that the reference in the error path is...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: wwanhwsim: Fixed a possible memory leak in wwanhwsimdevnew. When a fault is injected while probing a module, if deviceregister fails, but the refcount of the kobject is not decreased to 0, the name allocated in devsetname may ...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fixed a possible memory leak in ibmebusbusinit. If deviceregister returns an error in ibmebusbusinit, the name of the kobject allocated by devsetname, which is called in deviceadd, is leaked. According to the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drivers: dio: A possible memory leak has been fixed in dioinit. If deviceregister returns an error, the dev object and its associated name need to be freed. Add a release function, and then call putdevice in the error handling...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cxl: fixed a possible null-ptr-deref in cxlguestinitafu|adapter. If deviceregister fails in cxlregisterafu|adapter, the device is not added. In this case, deviceunregister cannot be called in the error path. Otherwise, a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fixed the initialization of the device object in vmbusdeviceregister. Initialized the device’s dmamask,parms pointers and the device’s dmamask value before invoking deviceregister. This issue was addressed in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: coresight: syscfg: Fixed a memory leak that occurred during registration failures in cscfgcreatedevice. deviceregister calls deviceinitialize. According to the documentation for deviceinitialize: “Use putdevice to release the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cxl: fixed a possible null-ptr-deref in cxlpciinitafu|adapter. If deviceregister fails in cxlpciafu|adapter, the device is not added. In this case, deviceunregister cannot be called in the error path. Otherwise, a null-ptr-deref...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fixed a possible name leak in tcmloopsetuphbabus. If deviceregister fails in tcmloopsetuphbabus, the name allocated by devsetname needs to be freed. As noted in the comments for deviceregister, it should us...
EUVD-2026-32868
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...
CVE-2026-46109
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...
CVE-2026-46109 usb: ulpi: fix memory leak on ulpi_register() error paths
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...
SUSE CVE-2026-45883
In the Linux kernel, the following vulnerability has been resolved: iio: sca3000: Fix a resource leak in sca3000probe spi-irq from requestthreadedirq not released when iiodeviceregister fails. Add an return value check and jump to a common error handler when iiodeviceregister fails...
CVE-2026-45883 iio: sca3000: Fix a resource leak in sca3000_probe()
In the Linux kernel, the following vulnerability has been resolved: iio: sca3000: Fix a resource leak in sca3000probe spi-irq from requestthreadedirq not released when iiodeviceregister fails. Add an return value check and jump to a common error handler when iiodeviceregister fails...
PT-2026-43750
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak exists in the sca3000 probe function. The spi-irq requested via request threaded irq is not released if the iio device register function fails. Recommendations At the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: vdpasim: A possible memory leak was fixed in vdpasimnetinit and vdpasimblkinit. When a fault is injected while probing a module, if deviceregister fails in vdpasimnetinit or vdpasimblkinit, and the refcount of kobject is not...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Core – The putdevice function should only be called after deviceregister fails. putdevice should not be called before a previous call to deviceregister. thermalcoolingdeviceregister does not follow this principle...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fixed an error in handling chameleonparsegdd. If mcbdeviceregister returns an error in chameleonparsegdd, the reference count of the bus and device names is exposed. This issue is addressed by calling putdevice to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: rapidio: Fix an API misuse when rioaddnet fails. rioaddnet calls deviceregister, and it fails when deviceregister does. Therefore, putdevice should be used instead of kfree. Also, add "mport-net = NULL;" to avoid a...