Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: netsec: fixed error handling in netsecregistermdio. If phydeviceregister fails, phydevicefree must be called to reset the reference count; thus, the memory associated with the phy device and its name can be freed in the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: wifi: cfg80211: The process of initializing wiphywork before allocating rfkill fails. The issue syzbort reported an uninitialized wiphyworklock in cfg80211devfree. 1 When the allocation of rfkill fails, the wiphy release proce...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: media: dvbdev: Fixed a memory leak in dvbMediaDeviceFree. The function dvbMediaDeviceFree leaks memory. It is necessary to free the dvbdev-adapter-conn object before setting it to NULL, as documented in...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from the bandwidth list when freeing the device. Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If the xHCI host is dying or being...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: bcmsf2: Fixed a possible memory leak in bcmsf2mdioregister. The bcmsf2mdioregister function calls of Phyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. The of Phyfinddevice function...

UBUNTU-CVE-2022-50848

In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dioinit If deviceregister returns error, the 'dev' and name needs be freed. Add a release function, and then call putdevice in the error path, so the name is freed in kobjectcleanup and t...

SUSE CVE-2022-50624

In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree need be called to put refcount, so memory of phy device and device name can be freed in callback function. If getphydevice fails,...

CVE-2022-50624 net: netsec: fix error handling in netsec_register_mdio()

In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree need be called to put refcount, so memory of phy device and device name can be freed in callback function. If getphydevice fails,...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990436 advisory. In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6devfree from sitinitnet ipip6devfree is sit dev-privdestructor, already...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988737)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988737 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhcifreedev and xhcikillendpointurbs ...

EUVD-2022-55655

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix mt7915ratetxpowerget resource leaks Coverity message: variable "buf" going out of scope leaks the storage. Addresses-Coverity-ID: 1527799 "Resource leaks"...

AZL-52937 CVE-2024-50153 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix null-ptr-deref in targetallocdevice There is a null-ptr-deref issue reported by KASAN: BUG: KASAN: null-ptr-deref in targetallocdevice+0xbc4/0xbe0 targetcoremod ... kasanreport+0xb9/0xf0...

DEBIAN-CVE-2024-44971

In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...

UBUNTU-CVE-2024-44971

In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: Fix a possible memory leak in bcmsf2mdioregister bcmsf2mdioregister calls ofphyfinddevice and then phydeviceremove in a loop to remove existing PHY devices. ofphyfinddevice eventually calls busfinddevice, which...

SUSE CVE-2023-52898

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhcifreedev and xhcikillendpointurbs do not race and cause null pointer dereference when host suddenly dies. Usb core may call xhcifreedev which frees the xhci-devssloti...

DEBIAN-CVE-2023-52898

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhcifreedev and xhcikillendpointurbs do not race and cause null pointer dereference when host suddenly dies. Usb core may call xhcifreedev which frees the xhci-devssloti...

kernel: media: dvbdev: Fix memory leak in dvb_media_device_free()

A flaw was found in the Linux kernel. A missing memory release in the dvbmediadevicefree function in the drivers/media/dvb-core/dvbdev.c file can result in a memory leak...

UBUNTU-CVE-2024-26727

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT if the newly created subvolume already got read BUG There is a syzbot crash, triggered by the ASSERT during subvolume creation: assertion failed: !anondev, in fs/btrfs/disk-io.c:1319 ------------ cut here...

kernel: usb: usbip: fix a refcount leak in stub_probe()

In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubprobe fails after that, usbputdev needs to be called to release the reference. Fix this by moving usbputdev to sdevfree error path...