27 matches found
EUVD-2026-32771
In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...
PT-2026-44267
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An error unwind issue exists in the RDMA mana component. Specifically, the mana ib create qp rss function fails to properly...
EUVD-2026-24821
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: only publish modedata after clone setup iptfsclonestate stores x-modedata before allocating the reorder window. If that allocation fails, the code frees the cloned state and returns -ENOMEM, leaving x-modedata pointi...
CVE-2026-31471 xfrm: iptfs: only publish mode_data after clone setup
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: only publish modedata after clone setup iptfsclonestate stores x-modedata before allocating the reorder window. If that allocation fails, the code frees the cloned state and returns -ENOMEM, leaving x-modedata pointi...
PT-2026-34376
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: only publish mode data after clone setup iptfs clone state stores x-mode data before allocating the reorder window. If that allocation fails, the code frees the cloned state and returns -ENOMEM, leaving x-mode data...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013474)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013474 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: release elements in clone only from destroy path Clone already always...
SUSE CVE-2026-23209
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...
CVE-2026-23209
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...
EUVD-2026-5839
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...
CVE-2026-23027
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmpchpicdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmpchpicdestroy is not currently doing this...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989105)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989105 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: properly cancel timer from tapriodestroy There is a comment in qdisccreate...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986743)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986743 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987119)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987119 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: properly cancel timer from tapriodestroy There is a comment in qdisccreate...
UBUNTU-CVE-2023-53371
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5efsttredirectanycreate The memory pointed to by the fs-any pointer is not freed in the error path of mlx5efsttredirectanycreate, which can lead to a memory leak. Fix by freeing the memory in the...
CVE-2023-53371 net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5efsttredirectanycreate The memory pointed to by the fs-any pointer is not freed in the error path of mlx5efsttredirectanycreate, which can lead to a memory leak. Fix by freeing the memory in the...
CVE-2025-21980 sched: address a potential NULL pointer dereference in the GRED scheduler.
In the Linux kernel, the following vulnerability has been resolved: sched: address a potential NULL pointer dereference in the GRED scheduler. If kzalloc in gredinit returns a NULL pointer, the code follows the error handling path, invoking greddestroy. This, in turn, calls gredoffload, where...
PT-2024-35522
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential NULL dereference issue has been identified in the Linux kernel, specifically in the mtk crtc destroy function. This issue arises when the mbox request channel call fails in m...
SUSE CVE-2024-47687
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix invalid mr resource destroy Certain error paths from mlx5vdpadevadd can end up releasing mr resources which never got initialized in the first place. This patch adds the missing check in mlx5vdpadestroymrresources ...
CVE-2021-47419
In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: properly cancel timer from tapriodestroy There is a comment in qdisccreate about us not calling ops-reset in some cases. errout4: / Any broken qdiscs that would require a ops-reset here? The qdisc was never ...
DEBIAN-CVE-2021-47419
In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: properly cancel timer from tapriodestroy There is a comment in qdisccreate about us not calling ops-reset in some cases. errout4: / Any broken qdiscs that would require a ops-reset here? The qdisc was never ...