Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97 – a possible memory leak has been fixed in sndac97devregister. If devregister fails in sndac97devregister, it should call putdevice to release the reference, otherwise the name allocated by devsetname may be leaked...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported a memory leak in the MDIO bus interface. The problem lay in incorrect state logic. The MDIOBUSALLOCATED state indicates two possible statuses: 1. The bus is only allocated. 2. The bus is...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mailbox: zynq-ipi: fixed error handling when deviceregister fails When deviceregister fails, there are two issues: 1. The name allocated by devsetname is leaked. 2. The parent of the device is not NULL; deviceunregister is...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010905)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010905 advisory. In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while deviceregister fails If deviceregister fails, it has...

CVE-2022-50857

The CVE-2022-50857 entry concerns the Linux kernel code path for rapidio rio: rio_register_mport. The issue arises when device_register() fails after an mport name has been allocated with dev_set_name(); the allocated name must be released, and the reference should be dropped with put_device() so...

CVE-2023-54017 powerpc/pseries: fix possible memory leak in ibmebus_bus_init()

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebusbusinit If deviceregister returns error in ibmebusbusinit, name of kobject which is allocated in devsetname called in deviceadd is leaked. As comment of deviceadd says, it shoul...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991172)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991172 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fix possible name leak in tcmloopsetuphbabus If deviceregister fails in...

DEBIAN-CVE-2022-50672

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while deviceregister fails If deviceregister fails, it has two issues: 1. The name allocated by devsetname is leaked. 2. The parent of device is not NULL, deviceunregister is called in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988951)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988951 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in...

EUVD-2025-9387

Malicious code in bioql PyPI...

DEBIAN-CVE-2022-50352

In the Linux kernel, the following vulnerability has been resolved: net: hns: fix possible memory leak in hnaeaeregister Inject fault while probing module, if deviceregister fails, but the refcount of kobject is not decreased to 0, the name allocated in devsetname is leaked. Fix this by calling...

CVE-2022-50352

In the Linux kernel, the following vulnerability has been resolved: net: hns: fix possible memory leak in hnaeaeregister Inject fault while probing module, if deviceregister fails, but the refcount of kobject is not decreased to 0, the name allocated in devsetname is leaked. Fix this by calling...

CVE-2022-50244

In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlpciinitafu|adapter If deviceregister fails in cxlpciafu|adapter, the device is not added, deviceunregister can not be called in the error path, otherwise it will cause a null-ptr-deref becau...

CVE-2022-50244

CVE-2022-50244 affects the Linux kernel code path in cxl_pci_init_afu|adapter() where a failed device_register() leaves a not-added device and leads to a potential null pointer dereference if device_unregister() is called in the error path. The fix splits unregister logic into device_del() and pu...

SUSE CVE-2025-37836

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pciregisterhostbridge If deviceregister fails, call putdevice to give up the reference to avoid a memory leak, per the comment at deviceregister. Found by code review. bhelgaas: squash Dan Carpenter's...