CVE-2026-46228

A flaw was found in the Linux kernel, specifically within the spi: ch341 driver. This vulnerability arises from incorrect management of device resources devres lifetime. When a Universal Serial Bus USB driver is unbound, the associated resources are not properly released, which can lead to memory...

CVE-2026-46060

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...

CVE-2026-46103 can: ucan: fix devres lifetime

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

CVE-2026-46103

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

PT-2026-43971

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lifetime bookkeeping error exists in the ucan driver within the CAN subsystem. USB drivers bind to USB interfaces, and device managed resources must have their lifetime tied to the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fixed a UAF Use-after-Free in LED devices during unbinding. LED devices created by HD-audio codec drivers are registered using devmledclassdevregister, and they are associated with the HD-audio codec device...

nautobot-ai-ops (>=1.0.0 <=1.0.4), nautobot-device-resources (=1.0.0) +4 more potentially affected by CVE-2026-44794 via nautobot (>=2.0.0 <=2.4.22)

nautobot PYPI version =2.0.0, =1.0.0, =2.0.0, =0.16.0, =2.0.0, =2.5.0 - nautobot-ssot-unifi =1.0.2 Source cves: CVE-2026-44794 Source advisory: SNYK:PYTHON-NAUTOBOT-16691222...

EUVD-2026-27362

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release The workqueue associated with an DSA/IAA device is not released when the object is freed...

CVE-2026-31672 wifi: rt2x00usb: fix devres lifetime

In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00usb: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when...

EUVD-2026-25565

In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00usb: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when...

CVE-2026-31506 net: bcmasp: fix double free of WoL irq

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix double free of WoL irq We do not need to free wolirq since it was instantiated with devmrequestirq. So devres will free for us...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989321)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989321 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989522)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989522 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989102)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989102 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...

CVE-2025-40037

CVE-2025-40037 is a Linux kernel use-after-free in the fbdev/simplefb path. The issue arises during device removal when pm_domain cleanup uses a struct simplefb_par allocated inside struct fb_info by framebuffer_alloc(); it was previously freed by unregister_framebuffer(), but devres cleanup runs...

EUVD-2022-55654

In the Linux kernel, the following vulnerability has been resolved: drm/omap: dss: Fix refcount leak bugs In dssinitports and dssuninitports, we should call ofnodeput for the reference returned by ofgraphgetportbyid in fail path or when it is not used anymore...

AZL-75072 CVE-2022-50500 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsimdrvprobe when nsimdevresourcesregister failed If some items in nsimdevresourcesregister fail, memory leak will occur. The following is the memory leak information. unreferenced object...

EUVD-2023-58637

Malicious code in bioql PyPI...

CVE-2023-53308

In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pmruntimeget failing in .remove In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returned an error early. The problem with this is that the driver core...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the bridgeplatformcreate function failing to release platform device resources in an error situation, which...