160 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: Fixed a possible name leak in rioregistermport. If deviceregister returns an error, the name allocated by devsetname needs to be freed. This should be done using putdevice, so that the reference in the error path is...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: A possible name leak in ocxlfileregisterafu has been fixed. If deviceregister returns an error in ocxlfileregisterafu, the name allocated by devsetname needs to be freed. As commented in deviceregister, it should use...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mtd: Fixed a device name leak when registering a device in addmtddevice. There is a kmemleak when registering a device fails: Unreferenced object 0xffff888101aab550 size 8: Command "insmod", PID 3922, jiffies 4295277753 age...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsihostalloc After a device is initialized using deviceinitialize, or its name is set using devsetname, the device must be freed using putdevice. Otherwise, the device name will be leaked, as it...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fixed a possible name leak in tcmloopsetuphbabus. If deviceregister fails in tcmloopsetuphbabus, the name allocated by devsetname needs to be freed. As noted in the comments for deviceregister, it should us...
MAL-2026-5793 Malicious code in nativescript-swisspost-pcc-creative-editor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9c9ef8861d14485e696e98c66d95ee5c2a5a608b213841c9c18b254003ae049 Package masquerades as an internal Swiss Post NativeScript package name nativescript-swisspost-pcc-creative-editor, description literally Security Po...
CVE-2026-46221
In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...
UBUNTU-CVE-2026-46221
In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...
CVE-2026-46221 EDAC/versalnet: Fix device name memory leak
In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...
CVE-2026-46221
In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...
CVE-2026-46221
CVE-2026-46221 concerns the Linux kernel EDAC/versalnet component. The issue is a memory leak where the device name allocated with kzalloc() in init_one_mc() is assigned to dev->init_name, then never freed on the normal removal path. Since device_register() copies init_name and then sets dev-&...
PT-2026-44344
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the EDAC/versalnet component. The init one mc function allocates memory for a device name using kzalloc, which is then assigned to dev-init name. Because device...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: NTB: Fixed a possible name leak in ntbregisterdevice. If deviceregister fails in ntbregisterdevice, the device name allocated by devsetname should be freed. According to the comment in deviceregister, callers should use putdevice...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a leak of kobject names for the sub-group spaceinfo. When the createspaceinfosubgroup function allocates elements of spaceinfo-subgroup, the kobjectinitandadd function is called for each element via...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: mailbox: zynq-ipi: fixed error handling when deviceregister fails When deviceregister fails, there are two issues: 1. The name allocated by devsetname is leaked. 2. The parent of the device is not NULL; deviceunregister is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ptp: A possible memory leak has been fixed in ptpclockregister. I encountered a memory leak during the fault injection test. The affected object is as follows: 0xffff88800906c618 size: 8 bytes: comm "i2c-idt82p33931", pid 4421,...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context CVE-2026-23102 In the Linu...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013770)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013770 advisory. In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible name leak in ocxlfileregisterafu If deviceregister returns error in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013815)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013815 advisory. In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while deviceregister fails If deviceregister fails, it has...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010979)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010979 advisory. In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible name leak in ocxlfileregisterafu If deviceregister returns error in...