CVE-2025-38416

Mode C: CVE-2025-38416 affects the Linux kernel NFC: nci: uart path. The vulnerability arises from setting tty->disc_data before the NCI device open/driver request succeeds, creating a small window where the device may start sending data and leaving state inconsistent on error paths. The fix e...

CVE-2025-38416

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in success path Setting tty-discdata before opening the NCI device means we need to clean it up on error paths. This also opens some short window if device starts sending data, even before...

CVE-2025-38410 drm/msm: Fix a fence leak in submit error path

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

CVE-2025-38410 drm/msm: Fix a fence leak in submit error path

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

CVE-2025-38410

CVE-2025-38410 affects the Linux kernel; specifically, the drm/msm fence leak in the submit error path could fail to call drm_sched_entity_push_job() and msm_job_free(), allowing a stale s_fence reference to persist. The issue is fixed in kernel updates (the Debian/openSUSE/Ubuntu advisories indi...

CVE-2025-38410

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

CVE-2025-38409 drm/msm: Fix another leak in the submit error path

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

CVE-2025-38409

CVE-2025-38409 affects the Linux kernel, specifically the drm/msm path. The issue is a leak in the submit error path where put_unused_fd() fails to free the installed file if fd_install() has already occurred, leading to a leaked resource (sync_file). The patch fixes the leak by freeing the sync_...

CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

CVE-2025-38409 drm/msm: Fix another leak in the submit error path

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the msm drm module failing to release a synchronization file in a commit error path, which could lead to a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the msm drm module not properly cleaning up fence in the commit error path, which could lead to a memory lea...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a post-release usage issue in the genl connection error path...

kernel: media: uvcvideo: Fix double free in error path

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvcstatusinit function fails to allocate the inturb, it will free the dev-status pointer but doesn't reset the pointer to NULL. This results in the kfree call in...

kernel: media: uvcvideo: Fix double free in error path

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvcstatusinit function fails to allocate the inturb, it will free the dev-status pointer but doesn't reset the pointer to NULL. This results in the kfree call in...

block: fix resource leak in blk_register_queue() error path

...

net: ngbe: fix memory leak in ngbe_probe() error path

...

cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path

...

CVE-2025-38309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xesvminit earlier In xevmcloseandput we need to be able to call xesvmfini, however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats...

AZL-64881 CVE-2025-38300 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce-cipher - fix error handling in sun8icecipherprepare Fix two DMA cleanup issues on the error path in sun8icecipherprepare: 1 If dmamapsg fails for areq-dst, the device driver would try to free DMA memory it has no...