CVE-2026-46176

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch destroys s0 but falls through and unconditionally assigns the freed ...

UBUNTU-CVE-2026-46176

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch destroys s0 but falls through and unconditionally assigns the freed ...

EUVD-2026-32803

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch destroys s0 but falls through and unconditionally assigns the freed ...

SUSE CVE-2026-45954

In the Linux kernel, the following vulnerability has been resolved: fbdev: au1200fb: Fix a memory leak in au1200fbdrvprobe In au1200fbdrvprobe, when platformgetirq fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure...

PT-2026-44299

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error path fall-through exists in the mlx5 ib dev res srq init function. When the function allocates two Send Receive Queues SRQs, s0 and s1, a failure in ib create srq for s1 causes...

EUVD-2026-32238

In the Linux kernel, the following vulnerability has been resolved: fbdev: au1200fb: Fix a memory leak in au1200fbdrvprobe In au1200fbdrvprobe, when platformgetirq fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure...

EUVD-2026-32337

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

CVE-2026-45954

In the Linux kernel, the following vulnerability has been resolved: fbdev: au1200fb: Fix a memory leak in au1200fbdrvprobe In au1200fbdrvprobe, when platformgetirq fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure...

CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

UBUNTU-CVE-2026-45954

In the Linux kernel, the following vulnerability has been resolved: fbdev: au1200fb: Fix a memory leak in au1200fbdrvprobe In au1200fbdrvprobe, when platformgetirq fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure...

CVE-2026-45872

The CVE-2026-45872 entry for the Linux kernel addresses a memory leak in the SCSI smartpqi driver: pqi_report_phys_luns() could fail to free the rpl_list buffer on unsupported data formats or failed allocations. The fix consolidates error handling by introducing an out_free_rpl_list label and usi...

CVE-2026-45870 SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

CVE-2026-45870

The CVE-2026-45870 issue affects the Linux kernel SUNRPC auth_gss path, causing memory leaks in XDR decoding error paths. Specifically, gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name() allocate buffers via gssx_dec_buffer() (kmemdup) and may return early on a subsequent decode error without...

PT-2026-43738

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on get burstcount error get burstcount can return -EBUSY on timeout. When this happens, st33zp24 send returns directly without releasing the locality acquired earlier. Use goto out err to ensure...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Evince vulnerability (USN-8295-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8295-1 advisory. It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: lpfc: Issues related to ioremap operations in lpfcsli4pcimemsetup have been fixed. When iftype equals zero and pciresourcestartpdev, where PCI64BITBAR4 returns false, drbl regsmemmapp is not remapped. This passes a NULL...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/smb: Fixed inconsistent refcnt updates. An inconsistent update of the reference count was identified in smb2compoundop. Such inconsistent updates could lead to potential resource leaks. Why is this a potential bug? 1. In the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed an array bounds error with maygoto. Maygoto uses an additional 8 bytes on the stack, which causes the interpreters array to go out of bounds when calculating the index using stacksize. 1. If a BPF program is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe/regsr: Fixed a leak that occurred when xastore failed. Released the newly allocated entry when xastore fails, to avoid a memory leak in the error path. v2: Used “goto failfree”. Bala Cherry-picked from commit...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: tegra: Fixed a memory leak in tegraslinkprobe In tegraslinkprobe, when platformgetirq fails, it directly returns from the function with an error code, which causes a memory leak. This issue was addressed by replacing the...