77 matches found
CVE-2026-46196
In the Linux kernel, the following vulnerability has been resolved: tracepoint: balance regfunc on funcadd failure in tracepointaddfunc When a tracepoint goes through the 0 - 1 transition, tracepointaddfunc invokes the subsystem's ext-regfunc before attempting to install the new probe via funcadd...
CVE-2026-46196
In the Linux kernel, the following vulnerability has been resolved: tracepoint: balance regfunc on funcadd failure in tracepointaddfunc When a tracepoint goes through the 0 - 1 transition, tracepointaddfunc invokes the subsystem's ext-regfunc before attempting to install the new probe via funcadd...
CVE-2026-46162
In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls auxiliarydeviceuninitdev-adev. The device release callback icesfdevrelease frees sfdev, but the...
CVE-2026-45997
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...
UBUNTU-CVE-2026-45997
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...
CVE-2026-45997 scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...
CVE-2026-45997
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing putdisk when deviceadd&diskdev fails If deviceadd&sdkp-diskdev fails, putdevice runs scsidiskrelease, which frees the scsidisk but leaves the gendisk referenced. The deviceadddisk error path in sdprobe calls...
CVE-2026-45997
The CVE-2026-45997 issue affects the Linux kernel SCSI layer (sd driver). In sd_probe(), if device_add(&sdkp->disk_dev) fails, a missing put_disk() caused scsi_disk to be freed while the associated gendisk remained referenced. The vulnerability/bug is fixed by mirroring the cleanup path in the...
PT-2026-43864
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference-count leak occurs in the SCSI subsystem. When the device add&disk dev function fails, put device triggers scsi disk release, which frees the scsi disk but fails to release th...
Linux Distros Unpatched Vulnerability : CVE-2026-46079
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rbd: fix null-ptr-deref when deviceadddisk fails dorbdadd publishes the device with deviceadd before calling deviceadddisk. If deviceadddisk fails after devicea...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fixed a possible memory leak if deviceadd fails. If deviceadd returns an error, the name allocated by devsetname needs to be freed. As noted in the comments for deviceadd, putdevice should be used to release the...
Astra Linux - уязвимость в linux-5.10
A use-after-free flaw was discovered in the addpartition function in the block/partitions/core.c file within the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue arises due to the lack of code cleanup when the deviceadd function fails...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021550)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021550 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd,...
Astra Linux - уязвимость в linux-5.15, linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fixed a possible Use-after-Allocation UAF in snictgtcreate A warning is reported as follows: drivers/scsi/snic/snicdisc.c:307 snictgtcreate warning: &‘tgt-list’ was not removed from the list If the deviceadd function...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: md: fixed the kmemleak in rdev-serial If kobjectadd fails in bindrdevtoarray, ‘rdev-serial’ will not be freed, resulting in a kmemleak. The unreferenced object 0xffff88815a350000 size 49152 includes the following information: com...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011290)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011290 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if deviceadd fails If deviceadd returns error, the name...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011174)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011174 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible UAF in snictgtcreate Smatch reports a warning as follows:...
SUSE CVE-2026-31399
In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...
EUVD-2026-18780
In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...
CVE-2026-31399
A flaw was found in the Linux kernel's nvdimm/bus component. During asynchronous device initialization, if the deviceadd function fails in ndasyncdeviceregister, a use-after-free vulnerability can occur. This happens because the device's reference count drops to zero before the parent pointer is...