CVE-2026-45883

The CVE-2026-45883 entry concerns the Linux kernel iio:sca3000 driver. A resource leak occurs where spi->irq allocated via request_threaded_irq() is not released if iio_device_register() fails during sca3000_probe(). The fix adds a return-value check and jumps to a common error handler to ensu...

CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

CVE-2026-45876

In the Linux kernel, arm64/gcs fixes error handling in arch_set_shadow_stack_status. alloc_gcs() now detects error-encoded pointers returned by do_mmap() (not NULL) via IS_ERR_VALUE(), aligning with the check in gcs_alloc_thread_stack. The previous NULL-based check could fail to detect errors, ri...

CVE-2026-45876

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

CVE-2026-45875 mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure

In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Fix regulator resource leak on wm5102clearwritesequencer failure The wm5102clearwritesequencer helper may return an error and just return, bypassing the cleanup sequence and causing regulators to remain enabled,...

CVE-2026-45874

In the Linux kernel, the following vulnerability has been resolved: phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not defined in the devicetree node. But in imxhsioconfigureclkpad this point...

CVE-2026-45872

The CVE-2026-45872 entry for the Linux kernel addresses a memory leak in the SCSI smartpqi driver: pqi_report_phys_luns() could fail to free the rpl_list buffer on unsupported data formats or failed allocations. The fix consolidates error handling by introducing an out_free_rpl_list label and usi...

CVE-2026-45871 tpm: st33zp24: Fix missing cleanup on get_burstcount() error

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

CVE-2026-45871

In the Linux kernel vulnerability CVE-2026-45871, the issue is in TPM st33zp24 handling within get_burstcount(). On a timeout, get_burstcount() may return -EBUSY, causing st33zp24_send() to return without releasing the previously acquired locality. The fix adds proper cleanup using a goto out_err...

CVE-2026-45870 SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

CVE-2026-45870

The CVE-2026-45870 issue affects the Linux kernel SUNRPC auth_gss path, causing memory leaks in XDR decoding error paths. Specifically, gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name() allocate buffers via gssx_dec_buffer() (kmemdup) and may return early on a subsequent decode error without...

CVE-2026-45863

The CVE-2026-45863 entry documents a Linux kernel memory-leak bug in i3c: dw through dw_i3c_master_i2c_xfers(). The function allocates an xfer via dw_i3c_master_alloc_xfer(), but if pm_runtime_resume_and_get() fails it previously returned without freeing the allocated xfer. The fix adds a call to...

CVE-2026-45857 scsi: csiostor: Fix dereference of null pointer rn

In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...

CVE-2026-45857

Affected software: Linux kernel (scsi: csiostor). Issue: dereferencing a null pointer rn in the error path when rn is NULL due to macro CSIO_INC_STATS. Root cause: missing safe control flow after macro usage. Impact: potential null-pointer dereference in the SCSI path; no exploitation details pro...

CVE-2026-45852 RDMA/rxe: Fix double free in rxe_srq_from_init

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxesrqfrominit In rxesrqfrominit, the queue pointer 'q' is assigned to 'srq-rq.queue' before copying the SRQ number to user space. If copytouser fails, the function calls rxequeuecleanup to free the...

CVE-2026-45837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...

CVE-2026-45846

CVE-2026-45846 : Linux kernel bareudp code fixes a NULL pointer dereference in bareudp_fill_metadata_dst(), which passes bareudp->sock to udp_tunnel6_dst_lookup() without a NULL check. The socket is created in bareudp_open() and cleared in bareudp_stop(); calling the path while the device is d...

EUVD-2026-32164

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...

CVE-2025-66593

An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...

CVE-2025-66593

CVE-2025-66593 affects Synology Assistant prior to 7.0.6-50085. The issue is an origin validation error during installation that lets local users write arbitrary files with restricted content. Impact per available data: integrity is Low, availability is High, confidentiality is None; CVSS 3.1 bas...