CVE-2026-23282 smb: client: fix oops due to uninitialised var in smb2_unlink()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget

...

CVE-2025-40314 usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget In the cdnspgadgetinit and cdnspgadgetexit functions, the gadget structure pdev-gadget was freed before its endpoints. The endpoints are...

UBUNTU-CVE-2025-38517

In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...

kernel: net/mlx5e: Fix netif state handling

A vulnerability was found in the Linux kernel within the net/mlx5e component, where improper handling of network interface states could lead to a NULL pointer dereference or resource leaks if network registration fails during initialization. This condition could cause system instability, as...

CVE-2021-21589

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges...

Code injection

Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 do not exit on failed Initialization. A local authenticated Service user could potentially exploit this vulnerability to escalate privileges...