138 matches found
EUVD-2026-38339
A command injection vulnerability has been identified in the DHCP option processing logic in multiple TP-Link router models, due to insufficient validation of externally supplied DHCP option data. An adjacent attacker may exploit this vulnerability by supplying crafted DHCP responses, potentially...
CVE-2026-52904
A flaw was found in the Linux kernel's drm/nouveau component. This issue arises during device initialization when a specific function fails to properly release allocated memory resources. This memory leak can be triggered by a local user, potentially leading to system instability or a Denial of...
EUVD-2026-32789
In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls auxiliarydeviceuninit&sfdev-adev. The device release callback icesfdevrelease frees sfdev, but th...
CVE-2026-46060
A flaw was found in the Linux kernel's crypto: qat driver. This vulnerability occurs when the driver fails during device initialization, leading to Interrupt Request IRQ handlers not being properly detached before their associated resources are released. This improper cleanup can result in resour...
CVE-2026-45947
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A use-after-free vulnerability was discovered in the siano smsusb module within the Linux kernel. The bug occurs during device initialization, when the siano device is plugged in. This flaw allows a local user to crash the system, resulting in a denial-of-service condition...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021607)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021607 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix spinunlockirqrestore called with IRQs enabled Fix missuse of...
SUSE CVE-2025-71272
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
EUVD-2025-209672
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
CVE-2025-71272
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
CVE-2025-71272 most: core: fix resource leak in most_register_interface error paths
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
CVE-2025-71272
The CVE-2025-71272 entry concerns a Linux kernel resource-leak in most_register_interface(). When initialization fails before device registration, memory for the interface could be leaked. The fix initializes the device early with device_initialize(), calls put_device() on all error paths, and sw...
PT-2026-37447
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak exists in the most register interface function. The function fails to correctly release resources when an error occurs before the device is registered, resulting in the...
Linux Distros Unpatched Vulnerability : CVE-2025-71272
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fixed the issue of null pointer dereference on the pointer edp. The pointer dev is initialized, and the edp is dereferenced before edp is checked for being null. This could lead to a null pointer dereference issue. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible memory leak in bnxtrdmaauxdeviceinit. If ulp = kzalloc fails, the allocated edev will leak because it is not properly assigned, and the cleanup mechanism will not be able to free it. This issue was fixed ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/srpt: Do not register the event handler until the srpt device is fully set up. In rare cases, KASAN reports a use-after-free error in the srptrefreshport function. This appears to occur because the event handler is...
Linux Distros Unpatched Vulnerability : CVE-2026-31689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDAC/mc: Fix error path ordering in edacmcalloc When the mci-pvtinfo allocation in edacmcalloc fails, the error path will call putdevice which will end up calli...
CVE-2026-31689
In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edacmcalloc When the mci-pvtinfo allocation in edacmcalloc fails, the error path will call putdevice which will end up calling the device's release function. However, the init ordering is wrong...
CVE-2026-31689
In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edacmcalloc When the mci-pvtinfo allocation in edacmcalloc fails, the error path will call putdevice which will end up calling the device's release function. However, the init ordering is wrong...