Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a resource leak in ksmbdsessionrpcopen. When ksmbdrpcopen fails, it must call ksmbdrpcidfree to undo the result of ksmbdipcidalloc...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Type confusion was fixed due to a race condition when using ipcmsgsendrequest. req-handle is allocated using ksmbdacquireid&ipcida, based on idaalloc. req-handle from ksmbdipcloginrequest and FSCTLPIPETRANSCEIVE ioctl can ...

CVE-2026-23149

In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi and the internal implementation uses idralloc which uses int ranges, passing a new handle larger than INTM...

CVE-2026-23038

In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4ffallocdeviceidnode In nfs4ffallocdeviceidnode, if the allocation for dsversions fails, the function jumps to the outscratch label without freeing the already allocated dsaddrs list, leading...

EUVD-2022-55760

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbdsessionrpcopen When ksmbdrpcopen fails then it must call ksmbdrpcidfree to undo the result of ksmbdipcidalloc...

CVE-2022-50729 ksmbd: Fix resource leak in ksmbd_session_rpc_open()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbdsessionrpcopen When ksmbdrpcopen fails then it must call ksmbdrpcidfree to undo the result of ksmbdipcidalloc...

CVE-2025-68247

The CVE-2025-68247 issue affects the Linux kernel posix-timers code, specifically do_timer_create(), where memory allocated for a timer ID could leak if user-space access faults occur during timer creation. The underlying root cause is the allocation happening before validating user-space data; t...

CVE-2023-53315

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an RX descriptor filled with value "0" from REO destination ring is received. This descriptor which is invalid causes the...

CVE-2023-53315 wifi: ath11k: Fix SKB corruption in REO destination ring

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an RX descriptor filled with value "0" from REO destination ring is received. This descriptor which is invalid causes the...

CVE-2023-53315 wifi: ath11k: Fix SKB corruption in REO destination ring

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an RX descriptor filled with value "0" from REO destination ring is received. This descriptor which is invalid causes the...

SUSE-SU-2025:02934-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002347 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351. -...

CVE-2024-58078

In the Linux kernel, the following vulnerability has been resolved: misc: miscminoralloc to use ida for all dynamic/misc dynamic minors miscminoralloc was allocating id using ida for minor only in case of MISCDYNAMICMINOR but miscminorfree was always freeing ids using idafree causing a mismatch a...

CVE-2024-58078

In the Linux kernel, the following vulnerability has been resolved: misc: miscminoralloc to use ida for all dynamic/misc dynamic minors miscminoralloc was allocating id using ida for minor only in case of MISCDYNAMICMINOR but miscminorfree was always freeing ids using idafree causing a mismatch a...

CVE-2022-49436

In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: Fix leaking nvdimmeventsmap elements Right now 'char ' elements allocated for individual 'statid' in 'paprscmpriv.nvdimmeventsmap' during paprscmpmucheckevents, get leaked in paprscmremove and paprscmpmuregister,...

CVE-2022-49436 powerpc/papr_scm: Fix leaking nvdimm_events_map elements

In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: Fix leaking nvdimmeventsmap elements Right now 'char ' elements allocated for individual 'statid' in 'paprscmpriv.nvdimmeventsmap' during paprscmpmucheckevents, get leaked in paprscmremove and paprscmpmuregister,...

DEBIAN-CVE-2023-52868

In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...