CVE-2026-53290 drm/xe/eustall: Fix drm_dev_put called before stream disable in close

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

CVE-2026-53290

CVE-2026-53290 relates to the Linux kernel DRM subsystem (xe/stall path). The issue occurs in xe_eu_stall_stream_close() where drm_dev_put() is invoked before the stream is disabled and its resources freed. If this drops the last reference, device structures may be freed while subsequent cleanup ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: Fix for NULL pointer dereferencing Commit 71f642833284 “ACPI: utils: Fix reference counting in foreachacpidevmatch” began handling “acpidevput” on a pointer that might be NULL. This approach fails miserably, as the helper...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - Ice: Fixed the KASAN error in the LAG NETDEVUNREGISTER handler. Currently, the same handler is called for both the NETDEVBONDINGINFO LAG unlink notification and the NETDEVUNREGISTER call. This causes a problem, as the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: amd – Fix the PCI device reference count leak foreachpcidev is implemented through pcigetdevice. The comment for pcigetdevice states that it will increase the reference count of the returned pcidev, and also decrease th...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: aoe: fixed the potential use-after-free issue in aoecmdcfgpkts. This patch addresses CVE-2023-6270. The description of the vulnerability is as follows: A flaw was discovered in the ATA over Ethernet AoE driver within the Linux...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: macsec: Fixed the UAF bug related to realdev. A new macsec device was created, but there was no reference to realdev. This does not ensure that realdev is freed after the macsec device is removed. This will trigger the UAF bug...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013590)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013590 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pcigetdomainbusandslot says, it returns a...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-006568)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006568 advisory. In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmdcfgpkts This patch is against CVE-2023-627...

UBUNTU-CVE-2026-23192

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use devput in callers to prevent UAF After linkwatchdodev calls devput to release the linkwatch reference, the device refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees an empt...

CVE-2026-23192 linkwatch: use __dev_put() in callers to prevent UAF

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use devput in callers to prevent UAF After linkwatchdodev calls devput to release the linkwatch reference, the device refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees an empt...

CVE-2026-23192

Summary (CVE-2026-23192) : This is a use-after-free in the Linux kernel’s linkwatch subsystem. When a network device is deleted while linkwatch events are pending, the device reference may be freed prematurely (in linkwatch_do_dev), allowing __linkwatch_run_queue to access a freed device. The fix...

CVE-2026-23192

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use devput in callers to prevent UAF After linkwatchdodev calls devput to release the linkwatch reference, the device refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees an empt...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993310)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993310 advisory. In the Linux kernel, the following vulnerability has been resolved: ocxl: fix pci device refcount leak when calling getfunction0 getfunction0 calls...

CVE-2022-50868 hwrng: amd - Fix PCI device refcount leak

In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...

CVE-2022-50659 hwrng: geode - Fix PCI device refcount leak

In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count fo...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988775)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988775 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ACPI: utils: Fix reference counting in...

EUVD-2025-31964

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-50337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ocxl: fix pci device refcount leak when calling getfunction0 getfunction0 calls...