CVE-2026-31783

The CVE-2026-31783 entry refers to a Linux kernel issue in spi: amlogic: spifc-a4 where the on-host NAND ECC engine teardown was missing in probe unwind and remove-time cleanup. The fix adds a devm cleanup action so nand_ecc_unregister_on_host_hw_engine() runs automatically on probe failures and ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011018 advisory. In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree...

CVE-2025-71192

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in sndac97controllerregister If ac97addadapter fails, putdevice is the correct way to drop the device reference. kfree is not required. Add kfree if idralloc fails and in ac97adapterrelease to do the...

EUVD-2022-55813

In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in initmqueuefs commit db7cfc380900 "ipc: Free mqsysctls if ipc namespace creation failed" Here's a similar memory leak to the one fixed by the patch above. retiremqsysctls need to be called...

CVE-2023-54126

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure we clean up the...

UBUNTU-CVE-2023-54126

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Cleanup ring IRQ workqueues on load failure A failure loading the safexcel driver results in the following warning on boot, because the IRQ affinity has not been correctly cleaned up. Ensure we clean up the...

CVE-2022-50729

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbdsessionrpcopen When ksmbdrpcopen fails then it must call ksmbdrpcidfree to undo the result of ksmbdipcidalloc...

CVE-2023-53849

Technical details about CVE-2023-53849 are not publicly provided in the supplied documents. Monitor for updates from official advisories; no concrete impact, affected products, or fixes are described here.

kernel: io_uring/futex: ensure io_futex_wait() cleans up properly on failure

In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...

DEBIAN-CVE-2025-39698

In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...

CVE-2025-39698 io_uring/futex: ensure io_futex_wait() cleans up properly on failure

In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...

Linux Distros Unpatched Vulnerability : CVE-2025-38400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfs: Clean up /proc/net/rpc/nfs when nfsfsprocnetinit fails. syzbot reported a warning below 1 following a fault injection in nfsfsprocnetinit. 0 When...

DEBIAN-CVE-2025-21906

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: clean up ROC on failure If the firmware fails to start the session protection, then we do call iwlmvmrocfinished here, but that won't do anything at all because IWLMVMSTATUSROCP2PRUNNING was never set. Set...

CVE-2024-57985

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global 'scm' on probe failures If SCM driver fails the probe, it should not leave global 'scm' variable assigned, because external users of this driver will assume the probe finished successfully. For...

CVE-2025-21661 gpio: virtuser: fix missing lookup table cleanups

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from...

SUSE CVE-2024-56573

In the Linux kernel, the following vulnerability has been resolved: efi/libstub: Free correct pointer on failure cmdlineptr is an out parameter, which is not allocated by the function itself, and likely points into the caller's stack. cmdline refers to the pool allocation that should be freed whe...

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

kernel: drm/amdgpu/powerplay/psm: Fix memory leak in power state init

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/powerplay/psm: Fix memory leak in power state init Commit 902bc65de0b3 "drm/amdgpu/powerplay/psm: return an error in power state init" made the power state init function return early in case of failure to get an entry...

CVE-2021-32032

In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation in the event of a failure can prevent the abort operation in the associated cryptographic library from freeing internal resources, causing a memory leak...

kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver

A vulnerability was found in hiddevopen in drivers/hid/usbhid/hiddev.c in the USB Human Interface Device class subsystem, where an existing device must be validated prior to its access. The device should also ensure the hiddevlist cleanup occurs at failure, as this may lead to a use-after-free...