UBUNTU-CVE-2026-45906

In the Linux kernel, the following vulnerability has been resolved: power: supply: pf1550: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: The cleanup of the connector occurs when the bridge is detached. If we do not call drmconnectorcleanup manually in panelbridgedetach, the connector will be cleaned up along with other DRM objects during the cal...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: Multitouch: Corrected the reference to the devm device for the hidinput inputdevice name. The reference should now point to the HID device, rather than the input device, for allocating the inputdevice name. Referring to the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006818)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006818 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID devic...

CVE-2026-23431

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fix memory leak in amlspisgprobe In amlspisgprobe, ctlr is allocated by spialloctarget/spiallochost, but fails to call spicontrollerput in several error paths. This leads to a memory leak whenever the driver...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37989)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37989 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A networ...

CVE-2023-54207

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

CVE-2023-54221

CVE-2023-54221 : In the Linux kernel, the imx93 clock driver had a memory leak and an improper error path in imx93_clocks_probe. The root cause was a path in probe() that returned without unregistration of hardware resources, potentially leaking memory. The fix, as documented in multiple vendor a...

CVE-2023-54207 HID: uclogic: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

CVE-2023-54207

CVE-2023-54207 affects the Linux kernel HID: uclogic driver. The root cause is using the input_dev name’s devm allocation instead of referencing the HID device, which could lead to a use-after-free when the input_dev is unregistered and a uevent depending on its name fires. The fix switches to re...

EUVD-2025-203726

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not kfree devres managed rdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc rdev is managed by devres and we shouldn't be calling kfree on it. This fixes things exploding if the...

CVE-2025-68222

CVE-2025-68222 (Linux kernel) : The pinctrl driver for the NXP S32CC PHY/SoC allocated s32_pinctrl_desc with devm_kmalloc() but did not initialize all fields (notably num_custom_params), causing intermittent allocation failures during pinctrl/DT parsing, which in turn can cascade to parse errors ...

PT-2025-51583

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the DRM/Radeon driver where the rdev structure, managed by devres, was incorrectly being freed using kfree. This occurred because the allocation metho...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986471)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986471 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devmspialloc We can't rely on the contents of the devres list during...

EUVD-2025-31951

Malicious code in bioql PyPI...

SUSE CVE-2023-53454

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...

CVE-2023-53454 HID: multitouch: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...

DEBIAN-CVE-2023-53253

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Reference hiddevice devm allocation of inputdev name Use hiddevice for devm allocation of the inputdev name to avoid a use-after-free. inputunregisterdevice would trigger devres cleanup of all resources...

UBUNTU-CVE-2023-53253

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Reference hiddevice devm allocation of inputdev name Use hiddevice for devm allocation of the inputdev name to avoid a use-after-free. inputunregisterdevice would trigger devres cleanup of all resources...

CVE-2023-53253

CVE-2023-53253 affects the Linux kernel HID path for nvidia-shield. The underlying issue is a use-after-free caused by freeing the input_dev name during input_dev unregister, when the name is freed by devres cleanup via input_unregister_device. The mitigation described in the public records is to...