163 matches found
UBUNTU-CVE-2026-23261
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: release admin tagset if init fails nvmefabrics creates an NVMe/FC controller in following path: nvmfdevwrite - nvmfcreatectrl - nvmefccreatectrl - nvmefcinitctrl nvmefcinitctrl allocates the admin blk-mq resources right...
CVE-2026-23162 drm/xe/nvm: Fix double-free on aux add failure
In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fix double-free on aux add failure After a successful auxiliarydeviceinit, auxdev-dev.release xenvmreleasedev is responsible for the kfreenvm. When there is failure with auxiliarydeviceadd, driver will call...
CVE-2026-23117
The CVE-2026-23117 entry concerns the Linux kernel Intel ice network driver. The issue arises during devlink-reload: ice_devlink_reinit_down() did not call ice_deinit_hw() while ice_devlink_reinit_up() calls ice_init_hw(), causing ice_init_hw() to fail with -EBUSY if control queues remain initial...
CVE-2026-23117 ice: add missing ice_deinit_hw() in devlink reinit path
In the Linux kernel, the following vulnerability has been resolved: ice: add missing icedeinithw in devlink reinit path devlink-reload results in iceinithw failed error, and then removing the ice driver causes a NULL pointer dereference. +0.102213 ice 0000:ca:00.0: iceinithw failed: -16...
PT-2026-8157
In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fix double-free on aux add failure After a successful auxiliary device init, aux dev-dev.release xe nvm release dev is responsible for the kfreenvm. When there is failure with auxiliary device add, driver will call...
kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe component. This use-after-free vulnerability occurs in the rxecreatecq function. When the rxecqfrominit function fails, the subsequent call to rxecleanup attempts to free memory resource...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38227)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38227 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Terminating the subsequent...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004334)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004334 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: fcoe: Fix transport not deattached when fcoeifinit fails fcoeinit calls...
kernel: RDMA/rxe: Fix mr->map double free
A double-free vulnerability was found in the Linux kernel RDMA RXE soft-RoCE driver's memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr-map...
kernel: RDMA/rxe: Fix mr->map double free
A double-free vulnerability was found in the Linux kernel RDMA RXE soft-RoCE driver's memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr-map...
UBUNTU-CVE-2022-50825
In the Linux kernel, the following vulnerability has been resolved: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801probe I got the following report while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 4, ofnodeget/ofnodeput unbalanced - destroy cset...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992400)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992400 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: fcoe: Fix transport not deattached when fcoeifinit fails fcoeinit calls...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992329)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992329 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix memory leak in ocfs2stackglueinit ocfs2tableheader should be free in ocfs2stackglueini...
PT-2025-53968
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc1-00190-g39508d23b672 Description The Linux kernel contains an issue in the ipr init function within the SCSI subsystem. Specifically, ipr init does not call unregister reboot notifier when pci register...
SUSE CVE-2022-50780
In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...
Linux Distros Unpatched Vulnerability : CVE-2022-50702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vdpasim: fix possible memory leak in vdpasimnetinit and vdpasimblkinit Inject fault while probing module, if deviceregister fails in vdpasimnetinit or...
CVE-2023-54084
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
CVE-2022-50727
In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...
CVE-2023-54084 ALSA: firewire-digi00x: prevent potential use after free
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...
CVE-2022-50780 net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed
In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...