CVE-2026-46283 tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

EUVD-2026-35148

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tpmdevrelease function not properly releasing the authentication session using kfreesensitive,...

EUVD-2026-32792

In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace period. So, either in an RCU call or after the synchronizenet. The...

EUVD-2026-32789

In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls auxiliarydeviceuninit&sfdev-adev. The device release callback icesfdevrelease frees sfdev, but th...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a count leak in the usbdev driver of the ALSA caiaq library. This vulnerability may lead to devic...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mISDN: fixed a possible memory leak in mISDNdspelementregister After committing 1fa5ae857bb1 "driver core: remove the struct device’s busid string array", the name of the device is allocated dynamically. Use putdevice to relea...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Fixed a DMA memory leak in the configuration page. A fix was also provided for: DMA-API: For the PCI device with address 0000:83:00.0, the device driver had pending DMA allocations even after it was released from...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skips the dev-iotlb flush for inaccessible PCIe devices without scalable mode. PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can cause a system hard lock when their link fails, eithe...

EUVD-2026-27766

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtkmdpunregisterm2mdevice on the error handling path to prevent resource leak. Add check for the return value of vpugetplatdevice to prevent null pointer dereference. And...

CVE-2026-43161

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...

SUSE CVE-2026-31732

In the Linux kernel, the following vulnerability has been resolved: gpio: Fix resource leaks on errors in gpiochipadddatawithkey Since commit aab5c6f20023 "gpio: set device type for GPIO chips", gdev-dev.release is unset. As a result, the reference count to gdev-dev isn't dropped on the error...

SUSE CVE-2026-43064

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release The workqueue associated with an DSA/IAA device is not released when the object is freed...

CVE-2026-43064

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release The workqueue associated with an DSA/IAA device is not released when the object is freed...

CVE-2026-43064

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release The workqueue associated with an DSA/IAA device is not released when the object is freed...

PT-2026-37067

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the dmaengine idxd component where the workqueue associated with a Data Streaming Accelerator DSA or Intel Analytics Accelerator IAA device is not released when t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Use device rbtree in the iopf reporting path. The existing I/O page fault handler currently locates the PCI device by calling pcigetdomainbusandslot. This function searches the list of all PCI devices until the desire...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Fixed an unbalanced fwnode reference count in mdiodevicerelease. There is a warning report regarding a refcount leak when probing the mdio device: OF: Error: Memory leak; the expected refcount was 1 instead of 2. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: mdiobus: fix unbalanced node reference count I encountered the following issue during the devicemscc-miim load test, with CONFIGOFUNITTEST and CONFIGOFDYNAMIC enabled: - ERROR: Memory leak; the expected reference count was 2...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: misc: fastrpc: Do not remove the map from createprocess and devicerelease functions. Do not remove the map from the list during the error handling in fastrpcinitcreateprocess. Instead, call fastrpcmapput to avoid a...