560 matches found
EUVD-2025-203724
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
CVE-2025-68181
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drmputdev Since the allocation of the drivers main structure was changed to devmdrmdevalloc drmputdev'ing to trigger it to be free'd should be done by devres. However, drmputdev is still in the probe...
CVE-2025-68172
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
CVE-2025-68193
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...
CVE-2025-68172
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
CVE-2025-68222
CVE-2025-68222 (Linux kernel) : The pinctrl driver for the NXP S32CC PHY/SoC allocated s32_pinctrl_desc with devm_kmalloc() but did not initialize all fields (notably num_custom_params), causing intermittent allocation failures during pinctrl/DT parsing, which in turn can cascade to parse errors ...
CVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CT
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...
PT-2025-51583
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the DRM/Radeon driver where the rdev structure, managed by devres, was incorrectly being freed using kfree. This occurred because the allocation metho...
CVE-2023-53807
In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fix Oops in clkwzrdregisterdivider Smatch detected this potential error pointer dereference clkwzrdregisterdivider. If devmclkhwregister fails then it sets "hw" to an error pointer and then dereferences it o...
CVE-2023-53854
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...
EUVD-2023-60099
In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fix Oops in clkwzrdregisterdivider Smatch detected this potential error pointer dereference clkwzrdregisterdivider. If devmclkhwregister fails then it sets "hw" to an error pointer and then dereferences it o...
CVE-2023-53854 ASoC: mediatek: mt8186: Fix use-after-free in driver remove path
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...
CVE-2023-53854
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...
CVE-2023-53854 ASoC: mediatek: mt8186: Fix use-after-free in driver remove path
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...
CVE-2023-53807 clk: clocking-wizard: Fix Oops in clk_wzrd_register_divider()
In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fix Oops in clkwzrdregisterdivider Smatch detected this potential error pointer dereference clkwzrdregisterdivider. If devmclkhwregister fails then it sets "hw" to an error pointer and then dereferences it o...
EUVD-2023-60075
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address Why There is an issue mapping non-allocated location of memory. It would allocate gpio registers from an array out of bounds. How Patch correct numbers of bounds for using...
DEBIAN-CVE-2025-40317
In the Linux kernel, the following vulnerability has been resolved: regmap: slimbus: fix buscontext pointer in regmap init calls Commit 4e65bda8273c "ASoC: wcd934x: fix error handling in wcd934xcodecparsedata" revealed the problem in the slimbus regmap. That commit breaks audio playback, for...
PT-2025-49051
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel driver allocates memory for sensor data using devm kzalloc, but lacks a check to ensure the allocation was successful. If memory allocation fails, attempting to...
CVE-2025-40145
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...
UBUNTU-CVE-2025-40145
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...