8666 matches found
CVE-2026-45976
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpurasinit When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, leading to a memory leak. Fix this by jumping to the...
CVE-2026-45976
CVE-2026-45976 affects the Linux kernel DRM/AMDGPU ras init path. The root cause is a memory leak: when amdgpu_nbio_ras_sw_init() fails inside amdgpu_ras_init(), the function returns without freeing the allocated con structure. The fix jumps to the release_con label to properly release the alloca...
CVE-2026-45976 drm/amdgpu: Fix memory leak in amdgpu_ras_init()
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpurasinit When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, leading to a memory leak. Fix this by jumping to the...
CVE-2026-45961 gfs2: fix memory leaks in gfs2_fill_super error path
In the Linux kernel, the following vulnerability has been resolved: gfs2: fix memory leaks in gfs2fillsuper error path Fix two memory leaks in the gfs2fillsuper error handling path when transitioning a filesystem to read-write mode fails. First leak: kthread objects threadstruct, taskstruct, etc...
CVE-2026-45947
In the Linux kernel DRM/AMDGPU code, a memory leak was fixed in amdgpu_acpi_enumerate_xcc(). If amdgpu_acpi_dev_init() returns -ENOMEM, xcc_info could be leaked because it wasn’t freed in the error path. The fix ensures that xcc_info is properly freed on error paths, preventing the leak. This ana...
CVE-2026-45930
CVE-2026-45930 concerns the Linux kernel net:mctp subsystem. The issue involves RTM_GETNEIGH potentially returning uninitialized data in the pad bytes of ndmsg data within netlink responses. The description confirms a fix that initializes netlink data to zero in the link, addr, and neigh response...
CVE-2026-45909 clk: mediatek: Drop __initconst from gates
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Drop initconst from gates Since commit 8ceff24a754a "clk: mediatek: clk-gate: Refactor mtkclkregistergate to use mtkgate struct" the mtkgate structs are no longer just used for initialization/registration, but also...
CVE-2026-45858
CVE-2026-45858 affects the Linux kernel ext4 code. The issue occurs when allocating initialized blocks from a large unwritten extent or splitting an unwritten extent during end I/O, potentially leaving stale data if a split happens in the middle. The problem centers on ext4_split_extent() splitti...
CVE-2026-45852 RDMA/rxe: Fix double free in rxe_srq_from_init
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxesrqfrominit In rxesrqfrominit, the queue pointer 'q' is assigned to 'srq-rq.queue' before copying the SRQ number to user space. If copytouser fails, the function calls rxequeuecleanup to free the...
CVE-2025-71307
CVE-2025-71307 affects the Linux kernel’s DRM panthor path. The vulnerability arises in panthor_fw_unplug() where the MCU halt-and-wait sequence could dereference a NULL pointer if the MCU is in an unexpected state or the firmware is not loaded/initialized. The patch removes the MCU halt/wait dur...
SUSE CVE-2024-12289
Boundary Community Edition and Boundary Enterprise “Boundary” incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary...
Insecure Default Initialization of Resource
Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource in the Context.spawn function. An attacker can access prototype-chain properties of objects...
PT-2026-43915
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usb dev refcount leak on probe failure create card takes a reference on the USB device with usb get dev and stores the matching usb put dev in card free, which is installed as the snd card's -private free...
PT-2026-43844
In the Linux kernel, the following vulnerability has been resolved: fbnic: close fw log race between users and teardown Fixes a theoretical race on fw log between the teardown path and fw log write functions. fw log is written inside fbnic fw log write and can be reached from the mailbox handler...
PT-2026-43828
In the Linux kernel, the following vulnerability has been resolved: gfs2: fix memory leaks in gfs2 fill super error path Fix two memory leaks in the gfs2 fill super error handling path when transitioning a filesystem to read-write mode fails. First leak: kthread objects thread struct, task struct...
PT-2026-43780
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: always update mdb n entries for vlan contexts syzbot triggered a warning1 about the number of mdb entries in a context. It turned out that there are multiple ways to trigger that warning today some got added...
CVE-2026-45926
rust: pwm: Fix potential memory leak on init error...
PT-2026-43843
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpu ras init When amdgpu nbio ras sw init fails in amdgpu ras init, the function returns directly without freeing the allocated con structure, leading to a memory leak. Fix this by jumping to the...
PT-2026-43969
In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nft bitwise Reject zero shift operands for nft bitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using BIT...
PT-2026-43756
In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcp rcvbuf grow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcp rcvbuf...