CVE-2022-48812 net: dsa: lantiq_gswip: don't use devres for mdiobus

In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: don't use devres for mdiobus As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree wi...

CVE-2022-48812

CVE-2022-48812 concerns the Linux kernel: the net: dsa: lantiq_gswip code should not use devres for mdiobus allocation/registration. The root cause is that mdiobus_free() can panic when invoked via devm_mdiobus_free() because devres_release_all() may free a bus that is still registered, especiall...

DEBIAN-CVE-2022-48735

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devmledclassdevregister and associated with the HD-audio codec device. Unfortunately, it turne...

CVE-2022-48735

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devmledclassdevregister and associated with the HD-audio codec device. Unfortunately, it turne...

CVE-2022-48735

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devmledclassdevregister and associated with the HD-audio codec device. Unfortunately, it turne...

DEBIAN-CVE-2021-47410

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix svmmigratefini warning Device manager releases device-specific resources when a driver disconnects from a device, devmmemunmappages and devmreleasememregion calls in svmmigratefini are redundant. It causes below...

CVE-2021-47410 drm/amdkfd: fix svm_migrate_fini warning

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix svmmigratefini warning Device manager releases device-specific resources when a driver disconnects from a device, devmmemunmappages and devmreleasememregion calls in svmmigratefini are redundant. It causes below...

CVE-2024-35816

A vulnerability was found in the Linux kernel's FireWire OHCI driver, which could lead to a resource leak by leaving behind an interrupt request IRQ when a device is unbound. This issue may cause instability or improper handling of IRQs, potentially affecting system performance or reliability...

UBUNTU-CVE-2024-35816

In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: prevent leak of left-over IRQ on unbind Commit 5a95f1ded28691e6 "firewire: ohci: use devres for requested IRQ" also removed the call to freeirq in pciremove, leading to a leftover irq of devmrequestirq at...

SUSE CVE-2021-47205

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: Unregister clocks/resets when unbinding Currently, unbinding a CCU driver unmaps the device's MMIO region, while leaving its clocks/resets and their providers registered. This can cause a page fault later when some...

CVE-2021-47205

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: Unregister clocks/resets when unbinding Currently, unbinding a CCU driver unmaps the device's MMIO region, while leaving its clocks/resets and their providers registered. This can cause a page fault later when some...

UBUNTU-CVE-2021-47205

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: Unregister clocks/resets when unbinding Currently, unbinding a CCU driver unmaps the device's MMIO region, while leaving its clocks/resets and their providers registered. This can cause a page fault later when some...

PT-2024-14631 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free UAF issue has been resolved in the Linux kernel. The pmif driver data, which contains clocks, is allocated along with spmi controller. When a device is removed, spmi...

Design/Logic Flaw

In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devmspialloc We can't rely on the contents of the devres list during spiunregistercontroller, as the list is already torn down at the time we perform devresfind for devmspireleasecontroller. This caus...

PT-2025-18818

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to a devres leak in the hw enable function upon suspend and resume. This issue occurs when the platform goes to low power,...

GSD-2022-1000512 net: dsa: felix: don't use devres for mdiobus

net: dsa: felix: don't use devres for mdiobus This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...

GSD-2022-1000429 net: dsa: bcm_sf2: don't use devres for mdiobus

net: dsa: bcmsf2: don't use devres for mdiobus This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...

GSD-2022-1000428 net: dsa: mv88e6xxx: don't use devres for mdiobus

net: dsa: mv88e6xxx: don't use devres for mdiobus This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...

GSD-2022-1000371 net: dsa: lantiq_gswip: don't use devres for mdiobus

net: dsa: lantiqgswip: don't use devres for mdiobus This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...

GSD-2022-1000369 net: dsa: ar9331: register the mdiobus under devres

net: dsa: ar9331: register the mdiobus under devres This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...