2093 matches found
drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait()
...
CVE-2026-53281
The CVE-2026-53281 entries describe a Linux kernel IOMMU VT-d issue where NULL pointer dereference or refcount corruption could occur during teardown if dev_pasid was not found in the dev_pasids list or if domain was never attached. The root cause was improper teardown execution after potential N...
UBUNTU-CVE-2026-53161
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-free of fastrpcuser in workqueue context There is a race between fastrpcdevicerelease and the workqueue that processes DSP responses. When the user closes the file descriptor, fastrpcdevicerelease fre...
UBUNTU-CVE-2026-53269
In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...
EUVD-2026-38815
In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...
EUVD-2026-38977
In the Linux kernel, the following vulnerability has been resolved: powerpc/pgtable-frag: Fix bad page state in ptefragdestroy powerpc uses ptfragrefcount as a reference counter for tracking it's pte and pmd page table fragments. For PTE table, in case of Hash with 64K pagesize, we have 16...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a reference count leak when an invalid session is found during session lookup. When a session is found, but its state is not SMB2SESSIONVALID, it indicates that no valid session was found. However, the reference coun...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/rxe: Fixed a race condition in QP timer handlers. The following warning was encountered: WARNING: drivers/infiniband/sw/rxe/rxetask.c:249 at rxeschedtask+0x1c8/0x238 rdmarxe, CPU0: swapper/0/0 … libsha1 last unloaded:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: SCTP: Added a refcnt field in sctpstreampriorities to avoid a nested loop. With this addition of the refcnt in sctpstreampriorities, we no longer need to traverse all streams to check whether a priority is used by other streams...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fixed the incorrect order of resource deallocation. When attempting to destroy a QP or CQ, we first reduce the reference count and potentially free the memory regions allocated for the object. Then, we request the devic...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hwpoison: Clearing MFCOUNTINCREASED before retrying getanypage Hulk Robot reported a panic in putpagetestzero when testing madvice with MADVSOFTOFFLINE. The bug is triggered when retrying getanypage. This occurs because the...
Astra Linux – Vulnerability in Wayland
An internal reference count is maintained on the buffer pool; this count increments every time a new buffer is created from the pool. The reference count is stored as an integer. On LP64 systems, this can lead to an overflow if the client creates a large number of wlshm buffer objects, or if it...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: tipc: fixed a possible refcount leak in tipcskcreate Free sk in case tipcskinsert fails...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Fixed error handling in mt8195mt6359rt1019rt5682devprobe. The devicenode pointer is returned by ofparsephandle, with the refcount incremented. We should use ofnodeput on it after the function is completed...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: padata: Do not leak the reference count in reorderwork. A recent patch that addressed a UAF introduced a reference count leak: The reference count of paralleldata is incremented unconditionally, regardless of the return value of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices in hasexternalpci has been fixed. foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice indicates that it will increase the referenc...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fixed the mpolnew leak in sharedpolicyreplace. If mpolnew is allocated but not used during the restart loop, mpolnew will be freed via mpolput before returning to the caller. However, refcnt has not been initialized...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove the improper idxdfree The call to idxdfree introduces a duplicate putdevice call, resulting in a reference count underflow: refcountt: underflow; use-after-free. WARNING: CPU: 15, PID: 4428, at...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a race condition between ipv6getifaddr and ipv6deladdr Although ipv6getifaddr operates under the RCU lock, it still allows hlistforeachentryrcu to return an item that has already been removed from the list. The memory...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fixed OF node reference count leakage. Automated reviews identified a leakage of the OF node reference count when checking whether the ‘leds’ child node exists. The call to putnode is used to correctly...