kernel: scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidhalua: Fix memleak for 'qdata' in aluaactivate If aluartpgqueue failed from aluaactivate, then 'qdata' is not freed, which will cause following memleak: unreferenced object 0xffff88810b2c6980 size 32: comm...

kernel: drm/amd: fix potential memory leak

A memory leak was found in the Linux kernel's AMD display driver in the clock source initialization logic. When the initialization function encounters an error in its final return path, allocated memory for the clksrc structure is not freed before returning NULL. This results in leaked memory tha...

kernel: capabilities: fix potential memleak on error path from vfs_getxattr_alloc()

A flaw was found in the capabilities subsystem in the Linux kernel. When memory is allocated for a temporary buffer and a subsequent function call fails, the allocated memory is not released, resulting in a memory leak. This issue could impact system performance and result in a denial of service...

kernel: driver core: fix potential null-ptr-deref in device_add()

A NULL pointer dereference was found in the driver core's deviceadd function. When dpmsysfsadd fails after busadddevice succeeds, the error path attempts to remove the driver binding that was never completed, causing a crash...

kernel: driver core: fix potential null-ptr-deref in device_add()

A NULL pointer dereference was found in the driver core's deviceadd function. When dpmsysfsadd fails after busadddevice succeeds, the error path attempts to remove the driver binding that was never completed, causing a crash...

kernel: cpufreq: qcom: fix memory leak in error path

A memory leak vulnerability was found in the Qualcomm cpufreq driver in the Linux kernel. When the speedbin length is incorrect, the error handling path fails to free the allocated speedbin buffer, leading to a memory leak. Over time, this can cause resource exhaustion and system instability...

kernel: EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()

In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: fix refcount leak in pcigetdevwrapper As the comment of pcigetdomainbusandslot says, it returns a PCI device with refcount incremented, so it doesn't need to call an extra pcidevget in pcigetdevwrapper, and the PCI...

kernel: RDMA/rxe: Fix mr->map double free

A double-free vulnerability was found in the Linux kernel RDMA RXE soft-RoCE driver's memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr-map...

kernel: net: genl: fix error path memory leak in policy dumping

A flaw was found in the netlink driver in the Linux kernel. A memory leak can occur when allocated memory is not released in certain error cases, potentially impacting system performance and resulting in a denial of service...

kernel: wifi: ath12k: Handle lock during peer_id find

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peerid find ath12kpeerfindbyid requires that the caller hold the ab-baselock. Currently the WBM error path does not hold the lock and calling that function, leads to the following lockdepassertin...

kernel: drm/shmem-helper: Remove another errant put in error path

In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drmgemshmemmmap doesn't own reference in error code path, resulting in the dma-buf shmem GEM object getting prematurely freed leading to a later use-after-free...

UBUNTU-CVE-2023-45666

stbimage is a single file MIT licensed library for processing images. It may look like stbiloadgifmain doesn’t give guarantees about the content of output value delays upon failure. Although it sets delays to zero at the beginning, it doesn’t do it in case the image is not recognized as GIF and a...

kernel: seccomp: Move copy_seccomp() to no failure path

A memory leak flaw was found in the Linux kernel's seccomp subsystem. When a process using seccomp filters is interrupted by a fatal signal during clone, the seccompfilter structure and associated BPF program memory are not properly freed. This occurs because copyseccomp is called before the...

PT-2025-53189

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the kcm sendmsg function. The issue occurs when an error happens after some bytes have been copied during message sending, leaving the last skb...

[Important] [Security] Virtuozzo ReadyKernel Patch 159.0 for Virtuozzo Hybrid Server 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with security fixes. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7.5. Vulnerability id: CVE-2023-3268 3.10.0-1160.41.1.vz7.183.5 to 3.10.0-1160.80.1.vz7.191.4 Out-of-bound memory access during reading relayfs...

PT-2025-53183

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists within the mlx5e init rep rx function in the net/mlx55 module. Specifically, the memory allocated and pointed to by the rx res pointer is not freed during error...

kernel: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()

A flaw was found in the Linux kernel's ASoC da7219 audio codec driver. An error handling path in da7219registerdaiclks incorrectly attempts to unregister a clock that was never successfully registered. This could lead to incorrect resource cleanup during driver probe failure, potentially causing...

kernel: netfilter: nf_tables: possible module reference underflow in error path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: possible module reference underflow in error path dst-ops is set on when nftexprclone fails, but module refcount has not been bumped yet, therefore nftexprdestroy leads to module reference underflow...

kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing

In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregister at probe time, it will free the 'bcd2k-midiouturb' before killing it, which may cause a UAF bug. The following log can reveal it:...

UBUNTU-CVE-2023-31974

DISPUTED yasm v1.3.0 was discovered to contain a use after free via the function error at /nasm/nasm-pp.c. Note: Multiple third parties dispute this as a bug and not a vulnerability according to the YASM security policy...