175 matches found
CVE-2022-50810
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
CVE-2022-50810 rapidio: devices: fix missing put_device in mport_cdev_open
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
CVE-2022-50810
CVE-2022-50810 (Linux kernel, rapidio devices) : The issue arises in mport_cdev_open where a missing put_device call leaves the reference count of chdev->dev incremented when kfifo_alloc fails, causing a refcount leak. The vulnerability is limited to the rapidio device code path; no exploitati...
PT-2025-53928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the rapidio subsystem. Specifically, a reference count leak can occur when kfifo alloc fails during device operations. This happens because t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992163)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992163 advisory. In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the followin...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing putdevice call in the mportcdevopen function, which could lead to a reference count leak...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992577)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992577 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992306)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992306 advisory. In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the followin...
CVE-2025-40249
No description is available for this CVE...
SUSE CVE-2025-40249
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
CVE-2025-40249
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
UBUNTU-CVE-2025-40249
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
CVE-2025-40249 gpio: cdev: make sure the cdev fd is still active before emitting events
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
CVE-2025-40249
The CVE-2025-40249 issue affects the Linux kernel GPIO character device (gpio cdev). The release path can defer the fput() action to a work queue while the descriptor’s reference count already reached zero, risking a use-after-free if get_file() is used. The documented fix is to use get_file_acti...
CVE-2025-40249 gpio: cdev: make sure the cdev fd is still active before emitting events
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
EUVD-2025-201208
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...
Linux Distros Unpatched Vulnerability : CVE-2025-40249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred an...
Linux Distros Unpatched Vulnerability : CVE-2022-50568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fhid: fix fhidg lifetime vs cdev The embedded struct cdev does not have its lifetime correctly tied to the enclosing struct fhidg, so there is a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989558)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989558 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix the error handling path in idxdcdevregister If a call to allocchrdevregion...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989613 advisory. In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsgctrldev and cdev struct rpmsgctrldev contains a...