14 matches found
CVE-2026-23027
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmpchpicdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmpchpicdestroy is not currently doing this...
CVE-2026-23029
The CVE-2026-23029 entry describes a memory-leak in the LoongArch KVM path of the Linux kernel. In kvm_ioctl_create_device(), kvm_device is allocated, but the kvm_device->destroy() path (kvm_eiointc_destroy()) does not free the allocated kvm_device struct, leading to a leak. Multiple sources (...
CVE-2026-23027
The provided reports describe a Linux kernel issue for LoongArch KVM: in kvm_ioctl_create_device(), memory is allocated for kvm_device, and the destroy() path (kvm_pch_pic_destroy()) did not free the allocated struct, causing a memory leak. The fix is to ensure kvm_pch_pic_destroy() frees the kvm...
Linux Distros Unpatched Vulnerability : CVE-2026-23028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has...
UBUNTU-CVE-2023-54201
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...
CVE-2023-54201
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...
CVE-2023-54201
CVE-2023-54201 (Linux kernel) concerns RDMA/efa resource deallocation order. The fix deallocates resources in reverse order of allocation when destroying QP/CQ to prevent underflow of a zeroed refcount if the device destroy fails. The vulnerability arises because the code decremented the refcount...
CVE-2023-54201 RDMA/efa: Fix wrong resources deallocation order
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If t...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988689)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988689 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: Don't null dereference ops-destroy A KVM device cleanup happens in either of two callbacks: ...
CVE-2023-53388 drm/mediatek: Clean dangling pointer on bind error path
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...
CVE-2025-38016
CVE-2025-38016 (Linux kernel, HID: bpf: abort dispatch if device destroyed) is confirmed in connected sources as a HID subsystem issue in the Linux kernel. The vulnerability stems from HID-BPF dispatch when a HID device is destroyed: after hid_bpf_destroy_device(), a cleaned-up SRCU can be access...
DEBIAN-CVE-2024-53068
In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix slab-use-after-free in scmibusnotifier The scmidev-name is released prematurely in scmidevicedestroy, which causes slab-use-after-free when accessing scmidev-name in scmibusnotifier. So move the release of...
SUSE CVE-2024-35954
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Avoid sg device teardown race sgremovesfpusercontext must not use sgdevicedestroy after calling scsideviceput. sgdevicedestroy is accessing the parent scsidevice requestqueue which will already be set to NULL when the...
PT-2024-11193 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak has been resolved in the Linux kernel, specifically in the drm/amd/amdgpu module. The issue occurs because the gem object rfb-base.obj0 is retrieved according to num...