CVE-2025-40064

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...

AZL-68897 CVE-2025-40064 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...

CVE-2025-40064

The CVE-2025-40064 issue affects the Linux kernel’s SMC (smc) path during connect() where a use‑after‑free can occur when net_device is accessed after it is freed in __pnet_find_base_ndev(). The root cause is a race around fetching dst->dev and using it after the device’s lifetime, with RTNL h...

CVE-2025-40064 smc: Fix use-after-free in __pnet_find_base_ndev().

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...

PT-2025-49445

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s drm/mediatek subsystem that could lead to a use-after-free condition during device unbinding. A recent fix for device reference leaks during bind...

CVE-2022-50576

CVE-2022-50576 relates to the Linux kernel, addressing a refcount leak in the PCI device handling path for serial: pch. The root cause was that pci_get_slot() returns a pci_device with an incremented refcount, but pch_request_dma() failed to balance it in all exit paths. The fix adds a missing pc...

CVE-2022-50566 mtd: Fix device name leak when register device failed in add_mtd_device()

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in addmtddevice There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 size 8: comm "insmod", pid 3922, jiffies 4295277753 age 925.408s hex du...

CVE-2025-39993 media: rc: fix races with imon_disconnect()

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...

CVE-2025-39993 media: rc: fix races with imon_disconnect()

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...

CVE-2022-50522

The CVE-2022-50522 entry corresponds to a Linux kernel issue in mcb-parse (chameleon_parse_gdd). When mcb_device_register() returns an error, the refcount for the bus and device name is leaked. The fix adds a put_device() to relinquish the reference so resources can be released during mcb_release...

CVE-2022-50505

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in pprnotifier As comment of pcigetdomainbusandslot says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling...

UBUNTU-CVE-2022-50474

In the Linux kernel, the following vulnerability has been resolved: macintosh: fix possible memory leak in macioaddonedevice Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically. It needs to be freed when ofdeviceregist...

EUVD-2023-27096

Malicious code in bioql PyPI...

EUVD-2025-30859

Malicious code in bioql PyPI...

EUVD-2022-54749

Malicious code in bioql PyPI...

CVE-2022-50431

In the Linux kernel, the following vulnerability has been resolved: ALSA: aoa: i2sbus: fix possible memory leak in i2sbusadddev devsetname in soundbusaddone allocates memory for name, it need be freed when ofdeviceregister fails, call soundbusdevput to give up the reference that hold in...

CVE-2023-53520

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...

CVE-2023-53520

CVE-2023-53520 relates to the Linux kernel Bluetooth subsystem. A race can occur when an hci_dev object is freed by hci_unregister_dev() while hci_suspend_notifier may still access it, potentially causing a crash (as shown by the call trace in hci_suspend_sync). The patch fixes this by holding a ...

CVE-2022-50462 MIPS: vpe-mt: fix possible memory leak while module exiting

In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fix possible memory leak while module exiting Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, it need be freed when module exiting,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a PCI device reference count leak in the mt7915pciinithif2 function, which could lead to a memory leak...