72481 matches found
CVE-2026-45888 md/raid1: fix memory leak in raid1_run()
In the Linux kernel, the following vulnerability has been resolved: md/raid1: fix memory leak in raid1run raid1run calls setupconf which registers a thread via mdregisterthread. If raid1setlimits fails, the previously registered thread is not unregistered, resulting in a memory leak of the mdthre...
CVE-2026-45883
The CVE-2026-45883 entry concerns the Linux kernel iio:sca3000 driver. A resource leak occurs where spi->irq allocated via request_threaded_irq() is not released if iio_device_register() fails during sca3000_probe(). The fix adds a return-value check and jumps to a common error handler to ensu...
CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...
CVE-2026-45876
In the Linux kernel, arm64/gcs fixes error handling in arch_set_shadow_stack_status. alloc_gcs() now detects error-encoded pointers returned by do_mmap() (not NULL) via IS_ERR_VALUE(), aligning with the check in gcs_alloc_thread_stack. The previous NULL-based check could fail to detect errors, ri...
CVE-2026-45876
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...
CVE-2026-45875 mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure
In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Fix regulator resource leak on wm5102clearwritesequencer failure The wm5102clearwritesequencer helper may return an error and just return, bypassing the cleanup sequence and causing regulators to remain enabled,...
CVE-2026-45874
In the Linux kernel, the following vulnerability has been resolved: phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not defined in the devicetree node. But in imxhsioconfigureclkpad this point...
CVE-2026-45872
The CVE-2026-45872 entry for the Linux kernel addresses a memory leak in the SCSI smartpqi driver: pqi_report_phys_luns() could fail to free the rpl_list buffer on unsupported data formats or failed allocations. The fix consolidates error handling by introducing an out_free_rpl_list label and usi...
CVE-2026-45871 tpm: st33zp24: Fix missing cleanup on get_burstcount() error
In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...
CVE-2026-45871
In the Linux kernel vulnerability CVE-2026-45871, the issue is in TPM st33zp24 handling within get_burstcount(). On a timeout, get_burstcount() may return -EBUSY, causing st33zp24_send() to return without releasing the previously acquired locality. The fix adds proper cleanup using a goto out_err...
CVE-2026-45870 SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...
CVE-2026-45870
The CVE-2026-45870 issue affects the Linux kernel SUNRPC auth_gss path, causing memory leaks in XDR decoding error paths. Specifically, gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name() allocate buffers via gssx_dec_buffer() (kmemdup) and may return early on a subsequent decode error without...
CVE-2026-45863
The CVE-2026-45863 entry documents a Linux kernel memory-leak bug in i3c: dw through dw_i3c_master_i2c_xfers(). The function allocates an xfer via dw_i3c_master_alloc_xfer(), but if pm_runtime_resume_and_get() fails it previously returned without freeing the allocated xfer. The fix adds a call to...
CVE-2026-45857 scsi: csiostor: Fix dereference of null pointer rn
In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...
CVE-2026-45857
Affected software: Linux kernel (scsi: csiostor). Issue: dereferencing a null pointer rn in the error path when rn is NULL due to macro CSIO_INC_STATS. Root cause: missing safe control flow after macro usage. Impact: potential null-pointer dereference in the SCSI path; no exploitation details pro...
CVE-2026-45852 RDMA/rxe: Fix double free in rxe_srq_from_init
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxesrqfrominit In rxesrqfrominit, the queue pointer 'q' is assigned to 'srq-rq.queue' before copying the SRQ number to user space. If copytouser fails, the function calls rxequeuecleanup to free the...
CVE-2026-45837
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...
CVE-2026-45846
CVE-2026-45846 : Linux kernel bareudp code fixes a NULL pointer dereference in bareudp_fill_metadata_dst(), which passes bareudp->sock to udp_tunnel6_dst_lookup() without a NULL check. The socket is created in bareudp_open() and cleared in bareudp_stop(); calling the path while the device is d...
EUVD-2026-32164
In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...
CVE-2025-66593
An origin validation error vulnerability in Synology Assistant before 7.0.6-50085 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...