2026 matches found
SUSE CVE-2026-43355
In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pmruntimeputautosuspend before the error check to ensure the PM runtime reference count is always decremented after pmruntimegetsync, regardless of whether the read...
SUSE CVE-2026-43451
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...
SUSE CVE-2026-43328
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
SUSE CVE-2026-43358
In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in tryreleasesubpageextentbuffer Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer because there is a rcureadunlock call past the loop. This has been detected by...
SUSE CVE-2026-43372
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup If requestthreadedirq fails during the PTP message IRQ setup, the newly created IRQ mapping is never disposed. Indeed, the kszptpirqsetup's error path only frees the mappings...
CLSA-2026-1778491896 libxml2: Fix of CVE-2022-49043
CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode by deferring xmlFreeURI until after the error path has consumed the value...
CLSA-2026-1778489354 python2: Fix of CVE-2026-6100
CVE-2026-6100: defensively null bzs-nextin on the error path of BZ2Decompdecompress to align with upstream; the UAF window does not exist in Python 2.7 nextin is reassigned at function entry, lzma/gzip are not C extensions...
CVE-2026-43358
A flaw was found in the Linux kernel's btrfs filesystem. A missing Read-Copy Update RCU unlock in an error path within the tryreleasesubpageextentbuffer function could lead to system instability. This issue, identified by a thread-safety analyzer, may result in a denial of service condition,...
CVE-2026-43355
A flaw was found in the Linux kernel's bh1780 light sensor driver. This vulnerability occurs due to a Power Management PM runtime leak, where the system's reference count for power management is not always properly decremented. An attacker could exploit this by repeatedly triggering the error pat...
EUVD-2026-28757
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...
EUVD-2026-28664
In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in tryreleasesubpageextentbuffer Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer because there is a rcureadunlock call past the loop. This has been detected by...
EUVD-2026-28601
In the Linux kernel, the following vulnerability has been resolved: most: core: fix leak on early registration failure A recent commit fixed a resource leak on early registration failures but for some reason left out the first error path which still leaks the resources associated with the...
CVE-2026-43461
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: Fix DMA mapping error handling Fix three bugs in amlsfcdmabuffersetup error paths: 1. Unnecessary goto: When the first DMA mapping sfc-daddr fails, nothing needs cleanup. Use direct return instead of goto...
CVE-2026-43372
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup If requestthreadedirq fails during the PTP message IRQ setup, the newly created IRQ mapping is never disposed. Indeed, the kszptpirqsetup's error path only frees the mappings...
CVE-2026-43355
In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pmruntimeputautosuspend before the error check to ensure the PM runtime reference count is always decremented after pmruntimegetsync, regardless of whether the read...
CVE-2026-43358
In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in tryreleasesubpageextentbuffer Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer because there is a rcureadunlock call past the loop. This has been detected by...
CVE-2026-43355
In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pmruntimeputautosuspend before the error check to ensure the PM runtime reference count is always decremented after pmruntimegetsync, regardless of whether the read...
CVE-2026-43444
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Unreserve bo if queue update failed Error handling path should unreserve bo then return failed. cherry picked from commit c24afed7de9ecce341825d8ab55a43a254348b33...
UBUNTU-CVE-2026-43395
In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...
UBUNTU-CVE-2026-43358
In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in tryreleasesubpageextentbuffer Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer because there is a rcureadunlock call past the loop. This has been detected by...