EUVD-2026-38994

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix disk reference leak in blkcgmaybethrottlecurrent Add the missing putdisk on the error path in blkcgmaybethrottlecurrent. When blkcg lookup, blkg lookup, or blkgtryget fails, the function jumps to the out label whi...

EUVD-2026-38715

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fixed a device reference count leak in atrtrcreate. When updating an existing route entry in atrtrcreate, the old device reference was not released before assigning the new device. This led to a device reference...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfc: Fixed potential resource leaks nfcgetdevice now takes a reference to the device and adds it; nfcputdevice is added to release it when no longer needed. Additionally, the warning message was corrected by using the error co...

CVE-2026-52904

The CVE-2026-52904 entry covers a Linux kernel issue in drm/nouveau where nvkm_device leaks occur if aperture_remove_conflicting_pci_devices() fails during probe. The allocated nvkm_device from nvkm_device_pci_new() is not unwound on error, leaking both the device wrapper and the pci_enable_devic...

SUSE CVE-2026-46048

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...

CVE-2026-45917

A flaw was found in the Linux kernel's IP Virtual Server IPVS component. A race condition exists between the network device notifier and the destination cache when a device is shutting down. This can lead to a leaked device reference, potentially causing system instability or a denial of service...

CVE-2026-46005

A flaw was found in the Linux kernel's xfs filesystem. This resource leak occurs in the xfsallocbuftarg function's error path, where a DAX Direct Access device reference is not properly dropped. An attacker could potentially exploit this flaw to cause resource exhaustion, leading to a Denial of...

EUVD-2026-32343

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients During a warm reset flow, the cl-device pointer may be NULL if the reset occurs while clients are still being enumerated. Accessing cl-device-referencecount witho...

CVE-2026-46048

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...

CVE-2026-46005

The CVE-2026-46005 issue concerns a resource leak in the XFS code path of the Linux kernel (xfs_alloc_buftarg) where, in error paths, the DAX device reference must be dropped via fs_put_dax(). Connected documents indicate patches and mitigations across multiple distributions: Debian/OpenSUSE OSV ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mctp: route: hold key-lock in mctpflowprepareoutput The mctpflowprepareoutput function checks key-dev and may call mctpdevsetkey. However, it does not hold key-lock during this process. Both mctpdevsetkey and mctpdevreleasekey...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net:mctp: Fixed the device reference leak that occurred during probe failures. The driver core holds a reference to the USB interface and its parent USB device while the interface is bound to the driver. There is no need to ho...

SUSE CVE-2026-43375

In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...

SUSE CVE-2025-71287

In the Linux kernel, the following vulnerability has been resolved: memory: mtk-smi: fix device leak on larb probe Make sure to drop the reference taken when looking up the SMI device during larb probe on late probe failure e.g. probe deferral and on driver unbind...

CVE-2026-43375

CVE-2026-43375 concerns the Linux kernel in the MCTP path. A leak occurs during probe failures because the driver saves a reference to the USB device but fails to release it on error paths. The fix drops the redundant device reference to prevent memory leaks when the probe fails, simplifying driv...

PT-2026-39036

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A device leak occurs in the net: mctp component during a probe failure. The driver takes a reference to the USB device during the probe process but fails to release it when the probe...

EUVD-2026-27752

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...

EUVD-2025-209679

In the Linux kernel, the following vulnerability has been resolved: memory: mtk-smi: fix device leaks on common probe Make sure to drop the reference taken when looking up the SMI device during common probe on late probe failure e.g. probe deferral and on driver unbind...

CVE-2025-71287

In the Linux kernel, the following vulnerability has been resolved: memory: mtk-smi: fix device leak on larb probe Make sure to drop the reference taken when looking up the SMI device during larb probe on late probe failure e.g. probe deferral and on driver unbind...