UBUNTU-CVE-2023-53674

In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devmclknotifierregister devmclknotifierregister allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocat...

CVE-2023-53682

CVE-2023-53682 affects the Linux kernel hwmon xgene driver. The root cause is that ioremap() and memremap() were not released in xgene_hwmon_probe(), creating a potential resource leak through ctx->pcc_comm_addr. The fix replaces ioremap and memremap with devm_ioremap and devm_memremap, ensuri...

CVE-2023-53682 hwmon: (xgene) Fix ioremap and memremap leak

In the Linux kernel, the following vulnerability has been resolved: hwmon: xgene Fix ioremap and memremap leak Smatch reports: drivers/hwmon/xgene-hwmon.c:757 xgenehwmonprobe warn: 'ctx-pcccommaddr' from ioremap not released on line: 757. This is because in drivers/hwmon/xgene-hwmon.c:701...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-384561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-384561 advisory. In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrlenable The pctldev struct is allocated in...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987087)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987087 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix possible null-ptr-deref in cadencenanddtprobe It will cause...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-399182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-399182 advisory. In the Linux kernel, the following vulnerability has been resolved: gpio: grgpio: Add NULL check in grgpioprobe devmkasprintf can return a NULL pointer on failure,bu...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987345)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987345 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devmspialloc We can't rely on the contents of the devres list during...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986631 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987181)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987181 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: fix possible null-ptr-deref in armsmmudeviceprobe It will cause null-ptr-deref wh...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986671)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986671 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Fix string overflow in SCPI genpd driver Without the bound checks for...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986471)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986471 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devmspialloc We can't rely on the contents of the devres list during...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987355)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987355 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: elan: Fix potential double free in elaninputconfigured 'input' is a managed resource allocat...

SUSE CVE-2023-53533

In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpitsprobe rpifirmwareget take reference, we need to release it in error paths as well. Use devmrpifirmwareget helper to handling the resources. Also remove the existing rpifirmwareput...

CVE-2023-53596

In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devresreleaseall only gets called if the device has a bus and has been probed. This leads to issues when using bus-less or driver-less devices...

CVE-2023-53579

In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action...

CVE-2023-53534

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: mtkdrmcrtc: Add checks for devmkcalloc As the devmkcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference...

UBUNTU-CVE-2023-53533

In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpitsprobe rpifirmwareget take reference, we need to release it in error paths as well. Use devmrpifirmwareget helper to handling the resources. Also remove the existing rpifirmwareput...

UBUNTU-CVE-2023-53579

In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action...

CVE-2023-53596 drivers: base: Free devm resources when unregistering a device

In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devresreleaseall only gets called if the device has a bus and has been probed. This leads to issues when using bus-less or driver-less devices...

CVE-2023-53596 drivers: base: Free devm resources when unregistering a device

In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devresreleaseall only gets called if the device has a bus and has been probed. This leads to issues when using bus-less or driver-less devices...