22 matches found
SUSE CVE-2026-46235
In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...
PT-2026-44319
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the tracepoint add func function where the subsystem's ext-regfunc is invoked before attempting to install a new probe via func add. If func add fails, such ...
PT-2026-44358
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the saa7164 dev setup function within the media component. The system fails to verify the return values of ioremap for BAR0 or BAR2. This lack of validation can lead to...
SUSE CVE-2026-31762
In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix irq resource leak The interrupt handler is setup but only a few lines down if iiotriggerregister fails the function returns without properly releasing the handler. Add cleanup goto to resolve resource leak...
CVE-2026-31599
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtvchannelpmtmatchsections syzbot reported a general protection fault in vidtvpsidescassign 1. vidtvpsipmtstreaminit can return NULL on memory allocation failure, but...
CVE-2026-31492 RDMA/irdma: Initialize free_qp completion before using it
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up which will attempt to wait on the freeqp completion, which is not initialized yet. Fix thi...
CVE-2026-31426 ACPI: EC: clean up handlers on probe failure in acpi_ec_setup()
In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on probe failure in acpiecsetup When ecinstallhandlers returns -EPROBEDEFER on reduced-hardware platforms, it has already started the EC and installed the address space handler with the struct acpiec...
CVE-2025-68730 accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpubounbindallbosfromcontext Don't add BO to the vdev-bolist in ivpugemcreateobject. When failure happens inside drmgemshmemcreate, the BO is not fully created and ivpugembofree callback will not be...
CVE-2025-68289
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: feem: Fix memory leak in eemunwrap The existing code did not handle the failure case of usbepqueue in the command path, potentially leading to memory leaks. Improve error handling to free all allocated resources on...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991205)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991205 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iiosysfstriginit devsetname allocates memory for...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iouring/futex: Ensure that iofutexwait properly cleans up in case of failure. The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field. However, the request is not marked with REQFASYNCDATA at that point...
CVE-2025-40036
CVE-2025-40036 in the Linux kernel is resolved by fixing a map-leak in the fastrpc path. The vulnerability occurred when copy_to_user() could fail and cause an early return, leaving the fdlist updated by the DSP uncleared, potentially leaking maps. The fix redirects on failure to a cleanup path t...
PT-2025-41028
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the rockchip clk register pll function when clk register fails. Specifically, if registration fails, memory allocated for @pll-rate table via kmemdup is not freed...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-395439)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-395439 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix state management in error path of log writing function After commit a694291a6211...
SUSE CVE-2025-38564
In the Linux kernel, the following vulnerability has been resolved: perf/core: Handle buffer mapping fail correctly in perfmmap After successful allocation of a buffer or a successful attachment to an existing buffer perfmmap tries to map the buffer read only into the page table. If that fails, t...
Linux Distros Unpatched Vulnerability : CVE-2022-49926
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fix possible memory leaks in dsaloopinit kmemleak reported memory leaks in...
SUSE CVE-2025-22092
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NULL pointer dereference during device removal. The kernel oops below occurred due to incorrect error handling flow when...
SUSE CVE-2025-21906
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: clean up ROC on failure If the firmware fails to start the session protection, then we do call iwlmvmrocfinished here, but that won't do anything at all because IWLMVMSTATUSROCP2PRUNNING was never set. Set...
kernel: sg_write function lacks an sg_remove_request call in a certain failure case
A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...
kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver
A vulnerability was found in hiddevopen in drivers/hid/usbhid/hiddev.c in the USB Human Interface Device class subsystem, where an existing device must be validated prior to its access. The device should also ensure the hiddevlist cleanup occurs at failure, as this may lead to a use-after-free...