CVE-2026-45868

CVE-2026-45868 concerns the Linux kernel: a refcount leak in pinctrl: single during pcs_add_gpio_func(), caused by of_parse_phandle_with_args() returning a device_node with an incremented refcount that isn’t released while iterating phandles. The fix adds of_node_put() to release the reference af...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: sma1307 – fixed the double-free of devmkzalloc memory. A previous change added NULL checks and cleanup procedures for allocation failures in sma1307settingloaded. However, the cleanup for modeset entries is incorrect. These...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp: pxa1908-apbc – Fixed the issue where NULL values were returned instead of an ISERR error pointer. The devmkzalloc function now returns NULL upon failure, rather than error pointers. The check has been corrected...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7925: fixed a NULL dereference check in mt7925changeviflinks. In mt7925changeviflinks, devmkzalloc may return NULL, but this returned value is not checked...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: soc: bcm: Check for NULL return of devmkzalloc As the potential failure of allocation, devmkzalloc may return NULL. Then the 'pd-pmb' and the follow lines of code may bring null pointer dereference. Therefore, it is better to che...

SUSE CVE-2026-31524

In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asusreportfixup The asusreportfixup function was returning a newly allocated kmemdup-allocated buffer, but never freeing it. Switch to devmkzalloc to ensure the memory is managed and freed...

CVE-2026-31475 ASoC: sma1307: fix double free of devm_kzalloc() memory

In the Linux kernel, the following vulnerability has been resolved: ASoC: sma1307: fix double free of devmkzalloc memory A previous change added NULL checks and cleanup for allocation failures in sma1307settingloaded. However, the cleanup for modeset entries is wrong. Those entries are allocated...

SUSE CVE-2026-23176

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibahaps: Fix memory leaks in add/remove routines toshibahapsadd leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshibahapsremove does not free the object...

CVE-2026-23176

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibahaps: Fix memory leaks in add/remove routines toshibahapsadd leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshibahapsremove does not free the object...

CVE-2026-23176

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibahaps: Fix memory leaks in add/remove routines toshibahapsadd leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshibahapsremove does not free the object...

CVE-2026-23176

The CVE-2026-23176 issue in the Linux kernel affects the platform/x86 toshiba_haps subsystem. The vulnerability stems from memory leaks in the add/remove routines: toshiba_haps_add() can leak the haps object if it returns an error after successful allocation, and toshiba_haps_remove() clears the ...

CVE-2026-23046

In the Linux kernel, the following vulnerability has been resolved: virtionet: fix device mismatch in devmkzalloc/devmkfree Initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees using netdevice-device. This device mismatch causing below devres warning 3788.514041...

CVE-2025-71082

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devmkzalloc in btusb This reverts commit 98921dbd00c4e "Bluetooth: Use devmkzalloc in btusb.c file". In btusbprobe, we use devmkzalloc to allocate the btusb data. This ties the lifetime of all the...

CVE-2025-71082

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: revert use of devmkzalloc in btusb This reverts commit 98921dbd00c4e "Bluetooth: Use devmkzalloc in btusb.c file". In btusbprobe, we use devmkzalloc to allocate the btusb data. This ties the lifetime of all the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of devmkzalloc leading to improper management of data lifecycles between interfaces, which could lea...

CVE-2023-54221

In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93clocksprobe In function probe, it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregisterhws;' on line 295 and line 310. Use...

CVE-2025-40224

In the Linux kernel, the following vulnerability has been resolved: hwmon: cgbc-hwmon Add missing NULL check after devmkzalloc The driver allocates memory for sensor data using devmkzalloc, but did not check if the allocation succeeded. In case of memory allocation failure, dereferencing the NULL...

UBUNTU-CVE-2025-40224

In the Linux kernel, the following vulnerability has been resolved: hwmon: cgbc-hwmon Add missing NULL check after devmkzalloc The driver allocates memory for sensor data using devmkzalloc, but did not check if the allocation succeeded. In case of memory allocation failure, dereferencing the NULL...

CVE-2025-40224 hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc()

In the Linux kernel, the following vulnerability has been resolved: hwmon: cgbc-hwmon Add missing NULL check after devmkzalloc The driver allocates memory for sensor data using devmkzalloc, but did not check if the allocation succeeded. In case of memory allocation failure, dereferencing the NULL...

CVE-2025-40059

In the Linux kernel, the following vulnerability has been resolved: coresight: Fix incorrect handling for return value of devmkzalloc The return value of devmkzalloc could be an null pointer, use "!desc.pdata" to fix incorrect handling return value of devmkzalloc...