Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fixed a use-after-free in error handling of nouveauconnectorcreate. We cannot simply free the connector after calling drmconnectorinit on it. We need to clean up the DRM-related aspects first. This may not fix a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: In rtlwifi, memory leaks and invalid access at the probe error path have been fixed. The deinitialization is performed in reverse order when the probe fails. When initswvars fails, rtldeinitcore should not be called. Thi...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed error handling for reset operations. Do not call iavfclose during error handling for iavfresettask. Doing so may lead to a double call to napidisable, which can cause a deadlock. Removing the VF may cause...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fixed double calls to idafree in the hvpciprobe error path. If hvpciprobe fails after storing the domain number in hbus-bridge-domainnr, a call to free this domainnr is made via pcibusreleaseemuldomainnr. However, during...

CVE-2026-43460

In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove callback The driver uses devmspiregistercontroller for registration, which automatically unregisters the controller via devm cleanup when the device is removed. The manual call to...

SUSE CVE-2026-43097

In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fix double idafree in hvpciprobe error path If hvpciprobe fails after storing the domain number in hbus-bridge-domainnr, there is a call to free this domainnr via pcibusreleaseemuldomainnr, however, during cleanup, the...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: megaraidsas: A resource leak has been fixed in case of probe failures. The driver does not properly clean up all allocated resources when the scsiaddhost or megasasstartaen functions fail during the PCI device probe. All...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbxmitcallback: fixed the handling of failed transmitted URBs. The driver lacks the necessary cleanup steps after failed transfers of URBs. This results in one fewer available URB per error. This leads to reduced...

UBUNTU-CVE-2026-23173

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

CVE-2025-71199 iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2adc: Fix potential use-after-free in sama5d2adc driver at91adcinterrupt can call at91adctouchdatahandler function to start the work by schedulework&st-touchst.workq. If we remove the module which will call...

CVE-2023-54310

In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlanremove due to race condition mptlanprobe calls mptregisterlandevice which initializes the &priv-postbucketstask workqueue. A call to mptlanwakepostbucketstask will subsequent...

CVE-2022-50727

In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...

CVE-2023-54053

CVE-2023-54053 is a Linux kernel issue affecting the iwlwifi PCIe path, causing a NULL pointer dereference during device removal after a failed iwl_pci_probe(). The vulnerability is described in connected vendor advisories as a fix for a crash when removing a device while its transmission structu...

kernel: scsi: qla2xxx: Wait for io return on terminate rport

A flaw was found in the Linux kernel’s SCSI driver component qla2xxx used with FCP-2 devices. When the terminaterportio function is invoked , the driver may exit cleanup before all outstanding I/O operations have returned. This can lead to a use-after-free condition when resources are freed while...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989364 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix a potential memory leak in r871xudrvinit In r871xudrvinit, if r8712initdrvs...

EUVD-2022-54920

Malicious code in bioql PyPI...

EUVD-2022-54915

Malicious code in bioql PyPI...

EUVD-2025-20947

Malicious code in bioql PyPI...

EUVD-2025-14150

Malicious code in bioql PyPI...

CVE-2023-53349 media: ov2740: Fix memleak in ov2740_init_controls()

In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fix memleak in ov2740initcontrols There is a kmemleak when testing the media/i2c/ov2740.c with bpf mock device: unreferenced object 0xffff8881090e19e0 size 16: comm "51-i2c-ov2740", pid 278, jiffies 4294781584 age...