365 matches found
PT-2026-39080
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ceph mdsc build path function. The issue occurs because putname calls were missing in error code paths that failed to free the path pointer obtained by getnam...
SUSE CVE-2026-43162
In the Linux kernel, the following vulnerability has been resolved: media: tegra-video: Fix memory leak in tegrachanneltryformat The state object allocated by v4l2subdevstatealloc must be freed with v4l2subdevstatefree when it is no longer needed. In tegrachanneltryformat, two error paths return...
SUSE CVE-2026-43177
In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6pciprobe were jumping directly to outipu6busdeldevices without releasing the runtime PM reference. Add pmruntimeputsync before cleaning up other...
CVE-2026-43162
A flaw was found in the Linux kernel's tegra-video driver. This vulnerability, a memory leak, occurs because certain error paths in the tegrachanneltryformat function fail to properly deallocate a state object. Over time, this can lead to increased memory consumption, potentially causing system...
CVE-2025-71273
A flaw was found in the Linux kernel's rtw88 Wi-Fi driver. This vulnerability is caused by a memory leak within the rtwregisterhw function, where memory allocated for supported bands is not properly released during error conditions. This could allow a local attacker to exhaust system memory,...
EUVD-2026-27739
In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6pciprobe were jumping directly to outipu6busdeldevices without releasing the runtime PM reference. Add pmruntimeputsync before cleaning up other...
CVE-2026-43177
In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6pciprobe were jumping directly to outipu6busdeldevices without releasing the runtime PM reference. Add pmruntimeputsync before cleaning up other...
CVE-2026-43177 media: ipu6: Fix RPM reference leak in probe error paths
In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6pciprobe were jumping directly to outipu6busdeldevices without releasing the runtime PM reference. Add pmruntimeputsync before cleaning up other...
CVE-2026-43177
In the Linux kernel ipu6 driver, CVE-2026-43177 is due to a runtime PM reference leak in probe error paths of the ipu6_pci_probe() routine. Several error paths jumped to cleanup without releasing the runtime PM reference, risking resource exhaustion and potential DoS. The published fixes add a pm...
CVE-2026-43162 media: tegra-video: Fix memory leak in __tegra_channel_try_format()
In the Linux kernel, the following vulnerability has been resolved: media: tegra-video: Fix memory leak in tegrachanneltryformat The state object allocated by v4l2subdevstatealloc must be freed with v4l2subdevstatefree when it is no longer needed. In tegrachanneltryformat, two error paths return...
CVE-2025-71272
The CVE-2025-71272 entry concerns a Linux kernel resource-leak in most_register_interface(). When initialization fails before device registration, memory for the interface could be leaked. The fix initializes the device early with device_initialize(), calls put_device() on all error paths, and sw...
CVE-2025-71272 most: core: fix resource leak in most_register_interface error paths
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
CVE-2025-71272
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
CVE-2025-71272
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
SUSE CVE-2026-43066
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...
PT-2026-37502
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tegra channel try format function. The issue arises because two error paths return immediately after the v4l2 subdev call function fails, failing to call v4l2...
CVE-2026-43066
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...
CVE-2026-43066
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Core – The putdevice function should only be called after deviceregister fails. putdevice should not be called before a previous call to deviceregister. thermalcoolingdeviceregister does not follow this principle...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: fsl: Fixed a reference count leak in imxsgtl5000probe. The function offindi2cdevicebynode takes a reference; in error-prone paths, we should call putdevice to release that reference, thereby avoiding a reference...