Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed – fixed a double-free issue caused by devm. The clock obtained via devmclkgetenabled is automatically managed by devres. It will be disabled and freed when the driver is detached. Manual calls to clkdisableunprepar...

CVE-2026-46255

A flaw was found in the Linux kernel's fsl-edma driver. This vulnerability occurs because the driver attempts to explicitly disable clocks during its removal process, even though these resources are automatically managed. This redundant action can lead to warnings being generated during driver...

CVE-2026-46255

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove The clocks in fsledmaengine::muxclk are allocated and enabled with devmclkgetenabled, which automatically cleans these resources up, but these clocks are also manual...

EUVD-2026-34117

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove The clocks in fsledmaengine::muxclk are allocated and enabled with devmclkgetenabled, which automatically cleans these resources up, but these clocks are also manual...

CVE-2026-46255 dmaengine: fsl-edma: don't explicitly disable clocks in .remove()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove The clocks in fsledmaengine::muxclk are allocated and enabled with devmclkgetenabled, which automatically cleans these resources up, but these clocks are also manual...

CVE-2026-46255

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: don't explicitly disable clocks in .remove The clocks in fsledmaengine::muxclk are allocated and enabled with devmclkgetenabled, which automatically cleans these resources up, but these clocks are also manual...

CVE-2026-46255

Summary: CVE-2026-46255 affects the Linux kernel fsl-edma driver (dmaengine). The issue arises because clocks allocated/enabled with devm_clk_get_enabled() are automatically cleaned up, but fsl_edma_remove() explicitly disables them via fsl_disable_clocks(), causing warnings during driver removal...

PT-2026-46018

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the dmaengine fsl-edma component where clocks in fsl edma engine::muxclk are allocated and enabled using devm clk get enabled. This function automatically manages...

SUSE CVE-2026-43015

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double-free caused by devm The clock obtained through devmclkgetenabled is automatically managed by devres. It will be disabled and freed when the driver is detached. Manual calls to clkdisableunprepare in th...

CVE-2026-43015

The CVE-2026-43015 issue is in the Linux kernel macb PCI glue driver where clk handling during platform_device_unregister() can be used after the device is unregistered. The root cause is that platform_device_unregister may still use registered clks during a runtime resume callback, leading to a ...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38136)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38136 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Reorder clock handlin...

CVE-2025-68754

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68754

CVE-2025-68754 affects the Linux kernel rtc driver for amlogic-a4. The issue is a double free caused by manually disabling the clock obtained via devm_clk_get_enabled() in error paths, which conflicts with the devm framework’s automatic clock lifecycle management. The recommended remediation is t...

CVE-2025-68754 rtc: amlogic-a4: fix double free caused by devm

In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

SUSE CVE-2025-68172

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2025-68172

CVE-2025-68172: Linux kernel crypto: aspeed driver double-free due to manual clock cleanup. Root cause: clock obtained via devm_clk_get_enabled() is managed by devres and cleanup is handled on detach; manual clk_disable_unprepare() in error path and in remove path caused a double free. Mitigation...

CVE-2025-68172 crypto: aspeed - fix double free caused by devm

In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...

CVE-2023-53854

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...

UBUNTU-CVE-2023-53854

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...