PT-2026-43735

In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix refcount leak in pcs add gpio func of parse phandle with args returns a device node pointer with refcount incremented in gpiospec.np. The loop iterates through all phandles but never releases the reference,...

CVE-2026-31475

In CVE-2026-31475, the Linux kernel ASoC sma1307 component had a double-free issue: mode_set entries allocated with devm_kzalloc() were (incorrectly) freed with kfree() in an error path. The remedy documented across multiple sources is to drop the manual kfree() loop and rely on device resource m...

SUSE CVE-2026-23431

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fix memory leak in amlspisgprobe In amlspisgprobe, ctlr is allocated by spialloctarget/spiallochost, but fails to call spicontrollerput in several error paths. This leads to a memory leak whenever the driver...

EUVD-2026-18667

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fix memory leak in amlspisgprobe In amlspisgprobe, ctlr is allocated by spialloctarget/spiallochost, but fails to call spicontrollerput in several error paths. This leads to a memory leak whenever the driver...

UBUNTU-CVE-2026-23431

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fix memory leak in amlspisgprobe In amlspisgprobe, ctlr is allocated by spialloctarget/spiallochost, but fails to call spicontrollerput in several error paths. This leads to a memory leak whenever the driver...

PT-2026-30126

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fix memory leak in aml spisg probe In aml spisg probe, ctlr is allocated by spi alloc target/spi alloc host, but fails to call spi controller put in several error paths. This leads to a memory leak whenever th...

CVE-2026-23176

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibahaps: Fix memory leaks in add/remove routines toshibahapsadd leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshibahapsremove does not free the object...

EUVD-2026-5501

In the Linux kernel, the following vulnerability has been resolved: virtionet: fix device mismatch in devmkzalloc/devmkfree Initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees using netdevice-device. This device mismatch causing below devres warning 3788.514041...

CVE-2026-23046 virtio_net: fix device mismatch in devm_kzalloc/devm_kfree

In the Linux kernel, the following vulnerability has been resolved: virtionet: fix device mismatch in devmkzalloc/devmkfree Initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees using netdevice-device. This device mismatch causing below devres warning 3788.514041...

CVE-2023-54221 clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe

In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93clocksprobe In function probe, it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregisterhws;' on line 295 and line 310. Use...

SUSE CVE-2025-68170

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree devres managed rdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc rdev is managed by devres and we shouldn't be calling kfree on it. This fixes things exploding if the...

UBUNTU-CVE-2025-68181

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drmputdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc drmputdev'ing to trigger it to be free'd should be done by devres. However, drmputdev is still in the probe...

CVE-2025-40144

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989218)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989218 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devmspialloc We can't rely on the contents of the devres list during...

PT-2025-40676

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/mediatek subsystem, specifically within the mtk drm crtc component. The devm kcalloc function may return NULL, and the code does not adequately...

EUVD-2023-59831

Malicious code in bioql PyPI...

PT-2025-37889

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the drm/msm/dpu subsystem where a failure of devm kzalloc could lead to a null pointer dereference in the dpu writeback init function. Specifically,...

PT-2025-37694

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue was resolved in the Linux kernel related to the nvidia-shield HID device. The vulnerability occurred because the input device name was freed during device...

PT-2025-37610

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where the return value of the devm kcalloc function is not checked. This can lead to a NULL pointer dereference if devm kcalloc returns NULL...

CVE-2022-49448 soc: bcm: Check for NULL return of devm_kzalloc()

In the Linux kernel, the following vulnerability has been resolved: soc: bcm: Check for NULL return of devmkzalloc As the potential failure of allocation, devmkzalloc may return NULL. Then the 'pd-pmb' and the follow lines of code may bring null pointer dereference. Therefore, it is better to che...