175 matches found
CVE-2022-50810
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
CVE-2022-50810 rapidio: devices: fix missing put_device in mport_cdev_open
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
CVE-2022-50810
CVE-2022-50810 (Linux kernel, rapidio devices) : The issue arises in mport_cdev_open where a missing put_device call leaves the reference count of chdev->dev incremented when kfifo_alloc fails, causing a refcount leak. The vulnerability is limited to the rapidio device code path; no exploitati...
PT-2025-53928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the rapidio subsystem. Specifically, a reference count leak can occur when kfifo alloc fails during device operations. This happens because t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992163)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992163 advisory. In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the followin...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992577)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992577 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing putdevice call in the mportcdevopen function, which could lead to a reference count leak...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992306)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992306 advisory. In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the followin...
CVE-2025-40249
No description is available for this CVE...
SUSE CVE-2025-40249
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
CVE-2025-40249
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
UBUNTU-CVE-2025-40249
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
CVE-2025-40249 gpio: cdev: make sure the cdev fd is still active before emitting events
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
CVE-2025-40249 gpio: cdev: make sure the cdev fd is still active before emitting events
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
EUVD-2025-201208
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
CVE-2025-40249
The CVE-2025-40249 issue affects the Linux kernel GPIO character device (gpio cdev). The release path can defer the fput() action to a work queue while the descriptor’s reference count already reached zero, risking a use-after-free if get_file() is used. The documented fix is to use get_file_acti...
Linux Distros Unpatched Vulnerability : CVE-2025-40249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred an...
Linux Distros Unpatched Vulnerability : CVE-2022-50568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fhid: fix fhidg lifetime vs cdev The embedded struct cdev does not have its lifetime correctly tied to the enclosing struct fhidg, so there is a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989558)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989558 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxdcdevregister If a call to allocchrdevregion...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989613 advisory. In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsgctrldev and cdev struct rpmsgctrldev contains a...