Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: rtlwifi – Fixed memory leaks and invalid access at the probe error path. The deinitialization is performed in reverse order when the probe fails. When initswvars fails, rtldeinitcore should not be called. This is...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fixed a use-after-free in error handling of nouveauconnectorcreate. We cannot simply free the connector after calling drmconnectorinit on it. We need to clean up the DRM-related aspects first. This might not fix...

CVE-2026-43460

In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...

SUSE CVE-2026-43097

In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fix double idafree in hvpciprobe error path If hvpciprobe fails after storing the domain number in hbus-bridge-domainnr, there is a call to free this domainnr via pcibusreleaseemuldomainnr, however, during cleanup, the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fix handling of failed transmitted URBs The driver lacks the cleanup of failed transfers of URBs. This reduces the number of available URBs per error by 1. This leads to reduced performance and...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: megaraidsas: A resource leak has been fixed in case of probe failures. The driver does not properly clean up all allocated resources when the scsiaddhost or megasasstartaen functions fail during the PCI device probe. All...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling Do not call iavfclose in iavfresettask error handling. Doing so can lead to double call of napidisable, which can lead to deadlock there. Removing VF would lead to iavfremove task being stuck, becau...

UBUNTU-CVE-2026-23173

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

CVE-2025-71199 iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2adc: Fix potential use-after-free in sama5d2adc driver at91adcinterrupt can call at91adctouchdatahandler function to start the work by schedulework&st-touchst.workq. If we remove the module which will call...

CVE-2023-54310

In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlanremove due to race condition mptlanprobe calls mptregisterlandevice which initializes the &priv-postbucketstask workqueue. A call to mptlanwakepostbucketstask will subsequent...

CVE-2022-50727

In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...

CVE-2023-54053

CVE-2023-54053 is a Linux kernel issue affecting the iwlwifi PCIe path, causing a NULL pointer dereference during device removal after a failed iwl_pci_probe(). The vulnerability is described in connected vendor advisories as a fix for a crash when removing a device while its transmission structu...

kernel: scsi: qla2xxx: Wait for io return on terminate rport

A flaw was found in the Linux kernel’s SCSI driver component qla2xxx used with FCP-2 devices. When the terminaterportio function is invoked , the driver may exit cleanup before all outstanding I/O operations have returned. This can lead to a use-after-free condition when resources are freed while...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989364 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix a potential memory leak in r871xudrvinit In r871xudrvinit, if r8712initdrvs...

EUVD-2022-54915

Malicious code in bioql PyPI...

EUVD-2025-14150

Malicious code in bioql PyPI...

EUVD-2022-54920

Malicious code in bioql PyPI...

EUVD-2025-20947

Malicious code in bioql PyPI...

PT-2025-40236

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the rtw88 usb driver. The leak occurs due to unreferenced objects during the USB probe routine, specifically within the rtw usb probe function...

CVE-2023-53349 media: ov2740: Fix memleak in ov2740_init_controls()

In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fix memleak in ov2740initcontrols There is a kmemleak when testing the media/i2c/ov2740.c with bpf mock device: unreferenced object 0xffff8881090e19e0 size 16: comm "51-i2c-ov2740", pid 278, jiffies 4294781584 age...