PT-2025-40147

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak could occur during module exit in the MIPS virtual processor environment vpe-mt. After a specific commit 1fa5ae857bb1, device names are dynamically allocated and require...

DEBIAN-CVE-2025-39872

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

CVE-2025-39872 hsr: hold rcu and dev lock for hsr_get_port_ndev

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

CVE-2025-39856

CVE-2025-39856 concerns the Linux kernel network driver for TI am65 CPSW-NUSS (CPSW2G) where, in the TX completion path, the variable ndev may be accessed before initialization if no TX packets have been processed. This can cause a null pointer dereference and kernel crash. Affected component: ne...

CVE-2023-53336

In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipubridgeparserotation and ipubridgeparseorientation run sensor-adev is not set yet. So if either of the devwarn calls about unknown values are hit this...

SUSE CVE-2023-53314

In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device. Drivers should not override its value. Fixes a bu...

DEBIAN-CVE-2023-53314

In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device. Drivers should not override its value. Fixes a bu...

CVE-2023-53314 fbdev/ep93xx-fb: Do not assign to struct fb_info.dev

In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device. Drivers should not override its value. Fixes a bu...

CVE-2023-53314 fbdev/ep93xx-fb: Do not assign to struct fb_info.dev

In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fbinfo.dev Do not assing the Linux device to struct fbinfo.dev. The call to registerframebuffer initializes the field to the fbdev device. Drivers should not override its value. Fixes a bu...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the misallocation of struct fbinfo.dev, which could lead to an incorrect reduction of the hardware device...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly releasing a device reference returned by pcigetdomainbusandslot, which could lead to a referenc...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly reducing the reference count of a device returned by pcigetdevice, which could lead to a memory...

PT-2025-39129

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to resource handling within the hsr subsystem. Specifically, the hsr get port ndev function does not properly manage locks, potentially leading ...

nvme: apple: fix device reference counting

...

CVE-2025-38550

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc-idev in mlddeldelrec pmc-idev is still used in ip6mcclearsrc, so as mldcleardelrec does, the reference should be put after ip6mcclearsrc return...

DEBIAN-CVE-2025-38542

In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix device refcount leak in atrtrcreate When updating an existing route entry in atrtrcreate, the old device reference was not being released before assigning the new device, leading to a device refcount leak. Fix...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unreleased old device reference, which could lead to a leaked device reference count...

CVE-2025-55199

A flaw was found in helm.sh/helm/v3. A maliciously crafted JSON Schema file can trigger excessive memory consumption during Helm Chart validation, leading to an out-of-memory OOM termination. A remote attacker, requiring user interaction to provide the crafted file, can trigger this condition. Th...

CVE-2025-55199

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...

CVE-2025-55199 Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...