CVE-2025-40145 PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...

CVE-2025-40145 PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...

CVE-2025-40145

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...

CVE-2025-40144 nvdimm: ndtest: Return -ENOMEM if devm_kcalloc() fails in ndtest_probe()

In the Linux kernel, the following vulnerability has been resolved: nvdimm: ndtest: Return -ENOMEM if devmkcalloc fails in ndtestprobe devmkcalloc may fail. ndtestprobe allocates three DMA address arrays dcrdma, labeldma, dimmdma and later unconditionally uses them in ndtestnvdimminit, which can...

CVE-2025-40144

CVE-2025-40144 relates to the Linux kernel nvdimm subsystem: ndtest may NULL-dereference under low memory if devm_kcalloc() allocations fail. The fix adds checks for three DMA address arrays (dcr_dma, label_dma, dimm_dma) and returns -ENOMEM on allocation failure, routing to a common error path. ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from amd/sdwutils not checking for pointers after devmkasprintf fails, which could result in a null pointer...

kernel: HID: multitouch: Add NULL check in mt_input_configured

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mtinputconfigured devmkasprintf can return a NULL pointer on failure,but this returned value in mtinputconfigured is not checked. Add NULL check in mtinputconfigured, to handle kernel NULL point...

kernel: tpm: Change to kvalloc() in eventlog/acpi.c

In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: 10.693310 T1 tpmtis STM0925:00: 2.0 TPM device-id 0x3, rev-id 0 10.848132 T1 ------------ cut here ------------ 10.853559 T1...

kernel: fbdev: hyperv_fb: Allow graceful removal of framebuffer

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hypervfb driver tries to release the framebuffer forcefully. If this framebuffer is in use it produce the following WARN and henc...

kernel: ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak.

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989812)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989812 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989475)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989475 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Free irq vectors in order for v3 HW If the driver probe fails to request the chann...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989123)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989123 advisory. In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: rzn1: Fix possible null-ptr-deref in shpfcmapresources It will cause...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989157)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989157 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid scanning potential huge holes When using devmrequestfreememregion and...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989530)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989530 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix Null-point-dereference in fmtsinglename Check the return value of devmkstrdup in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990002)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990002 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: use devm function instead of driver remove Driver use devm APIs to manage clk/irq/resources and register the spi controller, but the legacy remove function will be called first during device detach and trigger kern...

OESA-2025-2554 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4fcreplayscan For scan loop must ensure that at least EXT4FCTAGBASELEN space. If remain space less than...

EUVD-2022-55677

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.7 / Nagios XI 5.8.9 contains a cross-site scripting XSS vulnerability via the Audit Log page search input. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in...

SUSE CVE-2025-40059

In the Linux kernel, the following vulnerability has been resolved: coresight: Fix incorrect handling for return value of devmkzalloc The return value of devmkzalloc could be an null pointer, use "!desc.pdata" to fix incorrect handling return value of devmkzalloc...