CVE-2026-23464 soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe()

In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfssyscontrollerprobe In mpfssyscontrollerprobe, if ofgetmtddevicebynode fails, the function returns immediately without freeing the allocated memory for syscontroller, leading to a memor...

CVE-2026-23464

CVE-2026-23464 concerns the Linux kernel vulnerability in the Microchip PolarFire SoC mpfs driver. The issue is a memory leak in mpfs_sys_controller_probe(): if of_get_mtd_device_by_node() fails, the function returns early without freeing allocated memory for sys_controller. The fix routes error ...

CVE-2026-23432

CVE-2026-23432 : In the Linux kernel mshv component, there is a use-after-free in the error path of mshv_map_user_memory . The problem occurs when, in the error path, the code calls vfree() directly on a region while the MMU notifier remains registered; if userspace later unmaps that memory, the ...

CVE-2026-23429 iommu/sva: Fix crash in iommu_sva_unbind_device()

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: Fix crash in iommusvaunbinddevice domain-mm-iommumm can be freed by iommudomainfree: iommudomainfree mmdrop mmdrop mmpasiddrop After iommudomainfree returns, accessing domain-mm-iommumm may dereference a freed mm...

CVE-2026-23423

In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfsuringreadextent In this function the 'pages' object is never freed in the hopes that it is picked up by btrfsuringreadfinished whenever that executes in the future. But that's just the happy pat...

CVE-2026-23418

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

UBUNTU-CVE-2026-23418

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

CVE-2026-23423

In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfsuringreadextent In this function the 'pages' object is never freed in the hopes that it is picked up by btrfsuringreadfinished whenever that executes in the future. But that's just the happy pat...

CVE-2026-23418

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

UBUNTU-CVE-2026-23423

In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfsuringreadextent In this function the 'pages' object is never freed in the hopes that it is picked up by btrfsuringreadfinished whenever that executes in the future. But that's just the happy pat...

JLSEC-2026-48

Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistake...

JLSEC-2026-34

An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. A...

CVE-2026-23423

In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfsuringreadextent In this function the 'pages' object is never freed in the hopes that it is picked up by btrfsuringreadfinished whenever that executes in the future. But that's just the happy pat...

CVE-2026-23423

CVE-2026-23423 concerns memory management in the Linux kernel’s btrfs_uring_read_extent() path. The issue: the 'pages' object allocated during read operations is not freed in error scenarios, under the hopeful path that it will be reclaimed by btrfs_uring_read_finished() later. If errors occur (e...

CVE-2026-23423 btrfs: free pages on error in btrfs_uring_read_extent()

In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfsuringreadextent In this function the 'pages' object is never freed in the hopes that it is picked up by btrfsuringreadfinished whenever that executes in the future. But that's just the happy pat...

CVE-2026-23418 drm/xe/reg_sr: Fix leak on xa_store failure

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

CVE-2026-35535

CVE-2026-35535 affects Sudo up to 1.9.17p2, before the patch identified as 3e474c2. A failure in a setuid/setgid/setgroups call during privilege drop prior to invoking the mailer is not fatal and can lead to local privilege escalation. The vulnerability is restricted to local attackers with exist...

PT-2026-30127

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshv map user memory error path In the error path of mshv map user memory, calling vfree directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an initialization error in the ID register of unprotected pKVM clients, potentially leading to...

PT-2026-30158

In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfs sys controller probe In mpfs sys controller probe, if of get mtd device by node fails, the function returns immediately without freeing the allocated memory for sys controller, leadin...