847 matches found
CVE-2026-45964 SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xfsallocbuftarg function not releasing DAX device references at the correct path, resulting i...
CVE-2026-45981
s390/cio: Fix device lifecycle handling in cssallocsubchannel...
PT-2026-43902
In the Linux kernel, the following vulnerability has been resolved: mm/page alloc: return NULL early from alloc frozen pages nolock in NMI on UP On UP kernels !CONFIG SMP, spin trylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, alloc frozen pages...
PT-2026-43831
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gss auth kref leak in gss alloc msg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in auth gss.c" added a kref get&gss auth-kref call to balance the gss put auth done in gss release msg, but forgot to add a...
PT-2026-43848
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in css alloc subchannel css alloc subchannel calls device initialize before setting up the DMA masks. If dma set coherent mask or dma set mask fails, the error path frees the subchannel...
PT-2026-43872
In the Linux kernel, the following vulnerability has been resolved: xfs: fix a resource leak in xfs alloc buftarg In the error path, call fs put dax to drop the DAX device reference...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of device lifecycle in cssallocsubchannel. This vulnerability may lead to reuse...
Unity Linux 20.1070e Security Update: bluez (UTSA-2026-016764)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016764 advisory. BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in t...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Added a missing check for allocorderedworkqueue. Added a check on the return value of allocorderedworkqueue, as it may return a NULL pointer, leading to a NULL pointer dereferencing issue. Patch details:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed a warning in smcrxsplice, when calling getpage The smcloregisterdmb function allocates DMB buffers using kzalloc, which are later passed to getpage in smcrxsplice. Since kmalloc memory is not page-backed, this...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: platform: allegro-dvt: A possible memory leak has been fixed in the allocatebuffersinternal function. The buffer within the loop should be released under the exception path; otherwise, a memory leak may occur. To mitigate...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: Fixed issues related to data races around sk-skforwardalloc. Syzkaller reported this warning: ---------------- Cut here ------------------- WARNING: CPU: 0 PID: 16 Location: net/ipv4/afinet.c:156,...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: dmstats: Check for and propagate the allocpercpu failure. Check the return value of allocprecpu, and return an error from dmstatsinit if it fails. Update allocdev to fail if dmstatsinit does. Otherwise, a NULL pointer dereferenci...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Use aeadrequestfree instead of kfree to properly free memory allocated by aeadrequestalloc. This ensures that sensitive crypto data is cleared before it is freed...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt6779 – Added a check for the return value of mtkallocclkdata. The check is added to avoid dereferencing a NULL pointer...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: nvdec: Fix the dmaalloccoherent error check A check has been added to prevent a NULL return value from occurring when using dmaalloccoherent. This change follows Robin’s fix for the vic.c file in drm/tegra: vic: Fix DM...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: rapidio: A check for rioaddnet has been added in rioscanallocnet. The return value of rioaddnet should be checked. If it fails, putdevice should be called to free the memory and release the references initialized during rioaddnet...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: lan966x: Fixed the page pool leak in error paths. lan966xfdmarxalloc creates a page pool, but does not destroy it if the subsequent fdmaalloccoherent call fails, resulting in the page pool being leaked. Similarly,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed the error handling logic in idxdcdevregister. If the call to allocchrdevregion fails, the already allocated resources may be leaked. Add the necessary error handling logic to prevent this issue from occurri...