EUVD-2026-32391

In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermalofcmlookup In thermalofcmlookup, trnp is obtained via ofparsephandle, but never released. Use the freedevicenode cleanup attribute to automatically release the node and fix the leak. rjw:...

CVE-2026-45925

In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermalofcmlookup In thermalofcmlookup, trnp is obtained via ofparsephandle, but never released. Use the freedevicenode cleanup attribute to automatically release the node and fix the leak. rjw:...

UBUNTU-CVE-2026-46030

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix devicenode leak in mcprobe ofparsephandle returns a devicenode reference that must be released with ofnodeput. The original code never freed r5corenode on any exit path, causing a memory leak. Fix this by usin...

CVE-2026-46030 EDAC/versalnet: Fix device_node leak in mc_probe()

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix devicenode leak in mcprobe ofparsephandle returns a devicenode reference that must be released with ofnodeput. The original code never freed r5corenode on any exit path, causing a memory leak. Fix this by usin...

CVE-2026-46030

CVE-2026-46030 affects the Linux kernel EDAC/versalnet path; the root cause is a memory leak in mc_probe due to a device_node reference not being freed. The fix uses the automatic cleanup attribute __free(device_node) to ensure of_node_put() is called when the local variable goes out of scope. Af...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: media: tegra-video: Fixed the use of devicenode after freeing it. At the time of testing, the following code path is followed: - tegracsiinit - tegracsichannelsalloc - foreachchildofnodenode, channel – Iterates over...

CVE-2022-50745 staging: media: tegra-video: fix device_node use after free

In the Linux kernel, the following vulnerability has been resolved: staging: media: tegra-video: fix devicenode use after free At probe time this code path is followed: tegracsiinit tegracsichannelsalloc foreachchildofnodenode, channel -- iterates over channels automatically gets 'channel'...

EUVD-2022-54987

Malicious code in bioql PyPI...

SUSE CVE-2022-50457

In the Linux kernel, the following vulnerability has been resolved: mtd: core: Fix refcount error in delmtddevice delmtddevice will call ofnodeput to mtdgetofnodemtd, which is mtd-dev.ofnode. However, memset&mtd-dev, 0 is called before ofnodeput. As the result, ofnodeput won't do anything in...

CVE-2025-39930

CVE-2025-39930 affects the Linux kernel ASoC simple-card-utils component. The issue arises from graph_util_parse_dai() freeing a device_node with __free(), which was kept alive by the driver during use. A patch (commit 419d1918105e) changes handling to not free device_node in graph_util_parse_dai...

SUSE CVE-2022-49188

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcomq6v5mss: Fix some leaks in q6v5allocmemoryregion The devicenode pointer is returned by ofparsephandle or ofgetchildbyname with refcount incremented. We should use ofnodeput on it when done. This function only call...

CVE-2022-49457

In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing ofnodeput in dcscbinit The devicenode pointer is returned by offindcompatiblenode with refcount incremented. We should use ofnodeput to avoid the refcount leak...

CVE-2022-49431

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Add missing ofnodeput in iommuinitearlydart The devicenode pointer is returned by offindcompatiblenode with refcount incremented. We should use ofnodeput to avoid the refcount leak...

CVE-2022-49457

In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing ofnodeput in dcscbinit The devicenode pointer is returned by offindcompatiblenode with refcount incremented. We should use ofnodeput to avoid the refcount leak...

CVE-2022-49241 ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe

In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5wm8731driverprobe The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This function only calls ofnodeput in the regular...

CVE-2022-49188

CVE-2022-49188 affects the Linux kernel remoteproc: qcom_q6v5_mss path, where leaks can occur in q6v5_alloc_memory_region due to improper device_node handling. The root cause is that the device_node pointer returned by of_parse_phandle() or of_get_child_by_name() is not always balanced with of_no...

CVE-2022-49161

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8183da7219max98357devprobe The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This function only calls ofnodeput in the...

GSD-2023-1000917 staging: media: tegra-video: fix device_node use after free

staging: media: tegra-video: fix devicenode use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...

CVE-2018-11907

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue...

Design/Logic Flaw

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a potential security issue...