Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Staging: fbtft: fixed a potential memory leak in fbtftframebufferalloc. In the error paths after the fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. This issue...

EUVD-2026-38001

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an error path leading to UAF of GPU page tables. The vulnerability allows physical memory allocated for MMU page tables to be used after being freed. This was caused by an error path that would not...

EUVD-2026-32354

In the Linux kernel, the following vulnerability has been resolved: md/raid1: fix memory leak in raid1run raid1run calls setupconf which registers a thread via mdregisterthread. If raid1setlimits fails, the previously registered thread is not unregistered, resulting in a memory leak of the mdthre...

CVE-2026-43419 ceph: fix memory leaks in ceph_mdsc_build_path()

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in cephmdscbuildpath Add putname calls to error code paths that did not free the "path" pointer obtained by getname. If ownership of this pointer is not passed to the caller via pathinfo.path, the function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86: asus-wmi: Fixed incorrect registrations. The function asuswmiregisterdriver may be called from multiple drivers simultaneously, which can lead to incorrect list operations. Eventually, this can corrupt memory and...

Linux Distros Unpatched Vulnerability : CVE-2026-31754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: cdns3: gadget: fix state inconsistency on gadget init failure When cdns3gadgetstart fails, the DRD hardware is left in gadget mode while software state...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007383)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007383 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinf...

PT-2026-30173

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak in the xe vm madvise ioctl function within the drm/xe subsystem of the Linux kernel has been addressed. The issue occurs when validation within check bo args are sane fails...

GO-2026-4583 malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability in github.com/chainguard-dev/malcontent

malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability in github.com/chainguard-dev/malcontent...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper cleanup in error paths within resource extraction and scanning processes. An attacker can degrade system availability by causing resource leaks and exhausting file...

GHSA-54P8-X2M9-C593 malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability

Several extraction and scanning code paths registered late defers which could leak resources and exhaust system resources. This report is an aggregate of these individual reports for the affected code: Advisory | Affected File -- | -- GHSA-jjgh-mc5q-gch7 | pkg/action/scan.go GHSA-mwmf-fxh2-w4x7 |...

malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability

Several extraction and scanning code paths registered late defers which could leak resources and exhaust system resources. This report is an aggregate of these individual reports for the affected code: Advisory | Affected File -- | -- GHSA-jjgh-mc5q-gch7 | pkg/action/scan.go GHSA-mwmf-fxh2-w4x7 |...

CVE-2026-23137

In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittestdataadd In unittestdataadd, if ofresolvephandles fails, the allocated unittestdata is not freed, leading to a memory leak. Fix this by using scope-based cleanup helper freekfree for...

CVE-2026-23033 dmaengine: omap-dma: fix dma_pool resource leak in error paths

In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dmapool resource leak in error paths The dmapool created by dmapoolcreate is not destroyed when dmaasyncdeviceregister or ofdmacontrollerregister fails, causing a resource leak in the probe error paths. A...

SUSE CVE-2025-71154

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, causing a memory leak. The completion callback asyncsetregcb is...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak in the smb3fscontextParseParam error path has been fixed. Proper cleanup of ctx-source and fc-source was added to the cifsParseMountErr error handler. This ensures that the memory allocated for the source...

CVE-2023-54070

CVE-2023-54070 relates to the igb driver in the Linux kernel. The issue occurs when SR-IOV is enabled and the igb module is removed; due to a cleanup path regression introduced after commit 50f303496d92, the cleanup in error paths after reinit can cause a hang/crash on systems with max_vfs set to...

CVE-2023-54070 igb: clean up in all error paths when enabling SR-IOV

In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 "igb: Enable SR-IOV after reinit", removing the igb module could hang or crash depending on the machine when the module has been loaded with the maxv...

CVE-2023-54070 igb: clean up in all error paths when enabling SR-IOV

In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 "igb: Enable SR-IOV after reinit", removing the igb module could hang or crash depending on the machine when the module has been loaded with the maxv...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to clean up in all error paths when enabling SR-IOV, which could lead to a hang or crash on module...