PT-2026-37489

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net: wan/fsl ucc hdlc component where priv-rx buffer and priv-tx buffer are allocated together as contiguous buffers in the uhdlc init function but are incorrectly...

CVE-2026-31714

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

DEBIAN-CVE-2026-31639

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

CVE-2026-31639

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003454)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003454 advisory. Race condition in the ionioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial o...

UBUNTU-CVE-2023-53693

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...

CVE-2023-53693 USB: gadget: Fix the memory leak in raw_gadget driver

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure of tcpbpfsendverdict to call skmsgfree on a failed psock-cork allocation, which could lead to a...

CVE-2025-39765 ALSA: timer: fix ida_free call while not allocated

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly checking the condition of the idafree call, which could result in the release of unallocated IDs...

Linux Distros Unpatched Vulnerability : CVE-2022-48880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssamrequestsyncfree Although rare,...

UBUNTU-CVE-2025-37989

In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an out-of-memory condition, which was traced to a memory leak in the PHY LED trigger code. The root cause is misuse of the devm API. The registration...

CVE-2024-58056 remoteproc: core: Fix ida_free call while not allocated

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix idafree call while not allocated In the rprocalloc function, on error, putdevice&rproc-dev is called, leading to the call of the rproctyperelease function. An error can occurs before idaalloc is called. In...

CVE-2024-57795

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Remove the direct link to netdevice The similar patch in siw is in the link: https://git.kernel.org/rdma/rdma/c/16b87037b48889 This problem also occurred in RXE. The following analyze this problem. In the following Call...

CVE-2024-56756 nvme-pci: fix freeing of the HMB descriptor table

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but nvmeallochostmem could break out of the loop earlier on memory...

nanopb vulnerable to invalid free() call with oneofs and PB_ENABLE_MALLOC

Impact Decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and a non-pointer field. If the message data first contains the non-pointer field and then the pointer field, the...

GHSA-7MV5-5MXH-QG88 nanopb vulnerable to invalid free() call with oneofs and PB_ENABLE_MALLOC

Impact Decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and a non-pointer field. If the message data first contains the non-pointer field and then the pointer field, the...

SUSE CVE-2023-22995

In the Linux kernel before 5.17, an error path in dwc3qcomacpiregistercore in drivers/usb/dwc3/dwc3-qcom.c lacks certain platformdeviceput and kfree calls...

SUSE: Security Advisory (SUSE-SU-2021:3613-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-21401 Invalid free() call in Nanopb

Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before versions 0.3.9.8 and 0.4.5, decoding a specifically formed message can cause invalid free or realloc calls if the message type contains an oneof field, and the oneof directly contains both a pointer field and ...