111 matches found
UBUNTU-CVE-2026-23068
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23068
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23087 scsi: xen: scsiback: Fix potential memory leak in scsiback_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsibackremove Memory allocated for struct vscsiblkinfo in scsibackprobe is not freed in scsibackremove leading to potential memory leaks on remove, as well as in the scsibackprob...
EUVD-2026-5476
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23068
CVE-2026-23068 (Linux kernel) : The spi-sprd-adi driver could double-free the spi_controller on probe failure due to using spi_alloc_host() with devm_spi_register_controller(), then falling through to spi_controller_put() when a restart handler registration failed. The fix switches to devm_spi_al...
CVE-2026-23068 spi: spi-sprd-adi: Fix double free in probe error path
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23068 spi: spi-sprd-adi: Fix double free in probe error path
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23068
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
SUSE CVE-2025-68754
In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
CVE-2025-68754
CVE-2025-68754 affects the Linux kernel rtc driver for amlogic-a4. The issue is a double free caused by manually disabling the clock obtained via devm_clk_get_enabled() in error paths, which conflicts with the devm framework’s automatic clock lifecycle management. The recommended remediation is t...
CVE-2025-68754 rtc: amlogic-a4: fix double free caused by devm
In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
CVE-2023-54109 media: rcar_fdp1: Fix refcount leak in probe and remove function
In the Linux kernel, the following vulnerability has been resolved: media: rcarfdp1: Fix refcount leak in probe and remove function rcarfcpget take reference, which should be balanced with rcarfcpput. Add missing rcarfcpput in fdp1remove and the error paths of fdp1probe to fix this. hverkuil:...
CVE-2022-50703
CVE-2022-50703 relates to two refcount-leak bugs in the Linux kernel soc: qcom: smsm driver (qcom_smsm_probe). The issues occur when local_node and node are escaped from for_each_child_of_node() / for_each_available_child_of_node() without proper of_node_put() calls. The fix adds of_node_put() in...
SUSE CVE-2025-68172
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
EUVD-2025-203724
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
EUVD-2025-203715
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drmputdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc drmputdev'ing to trigger it to be free'd should be done by devres. However, drmputdev is still in the probe...
CVE-2025-68181
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drmputdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc drmputdev'ing to trigger it to be free'd should be done by devres. However, drmputdev is still in the probe...
CVE-2025-68181 drm/radeon: Remove calls to drm_put_dev()
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drmputdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc drmputdev'ing to trigger it to be free'd should be done by devres. However, drmputdev is still in the probe...
PT-2025-49639
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the dln2 probe function within the kernel's MFD Multiple Function Device driver for DLN2 devices. Specifically, when dln2 setup rx urbs fails during the probe...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990004)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990004 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: musb: dsps: Fix the probe error path Commit 7c75bde329d7 usb: musb: musbdsps: requestirq aft...