19 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: rapidio: devices: fixed the issue where putdevice was missing in mportcdevopen. When kfifoalloc fails, the reference count of chdev-dev remains incremented. We should use putdevice&chdev-dev to decrement the reference count of...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: rapidio: fixed a possible Use-after-Allocation UAF issue when kfifoalloc fails. If kfifoalloc fails in mportcdevopen, it jumps to errfifo and simply frees the priv object. However, since priv remains in chdev-filelist, traversal ...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013551)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013551 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007626)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007626 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...
SUSE CVE-2022-50810
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992886)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992886 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...
UBUNTU-CVE-2022-50810
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
CVE-2022-50810 rapidio: devices: fix missing put_device in mport_cdev_open
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
CVE-2022-50810
CVE-2022-50810 (Linux kernel, rapidio devices) : The issue arises in mport_cdev_open where a missing put_device call leaves the reference count of chdev->dev incremented when kfifo_alloc fails, causing a refcount leak. The vulnerability is limited to the rapidio device code path; no exploitati...
CVE-2022-50810
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing putdevice call in the mportcdevopen function, which could lead to a reference count leak...
PT-2025-53928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the rapidio subsystem. Specifically, a reference count leak can occur when kfifo alloc fails during device operations. This happens because t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992577)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992577 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...
EUVD-2022-55507
Malicious code in bioql PyPI...
CVE-2022-50245
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfifo and just free priv. But priv is still in the chdev-filelist, then list traversal may cause UAF. This fixes the following smatch...
DEBIAN-CVE-2022-50245
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfifo and just free priv. But priv is still in the chdev-filelist, then list traversal may cause UAF. This fixes the following smatch...
UBUNTU-CVE-2022-50245
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfifo and just free priv. But priv is still in the chdev-filelist, then list traversal may cause UAF. This fixes the following smatch...
CVE-2022-50245
CVE-2022-50245 concerns a Linux kernel issue in the rapidio driver where a UAF can occur if kfifo_alloc() fails during mport_cdev_open(). The fix removes priv from the chdev->file_list before freeing it to prevent traversal from accessing a freed object (the smatch warning reference). Affected...
PT-2023-33886 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a missing put device in mport cdev open, which may potentially lead to security vulnerabilities. The actual impact and attack plausibility have not yet been proven...