Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: arcnet: Add a NULL check in com20020pciprobe. devmkasprintf returns NULL when memory allocation fails. Currently, com20020pciprobe does not check for this case, resulting in a NULL pointer being dereferenced. Add a NULL check aft...

CVE-2026-43270

The CVE-2026-43270 issue affects the Linux kernel media: mtk-mdp module. In mtk_mdp_probe(), vpu_get_plat_device() increases the platform device reference count and is not consistently released in mtk_mdp_remove(), creating a reference-leak vulnerability. Red Hat and Debian OS/tracking entries co...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/fence: Fixed an oops due to incorrect initialization of drmsched before its fini. Currently, amdgpu calls drmschedfini from the fence driver’s fini routine. Such a call is expected to occur only after the respective in...

CVE-2023-54307

CVE-2023-54307 affects the Linux kernel where the memory leak in the ptp_qoriq probe() was caused by a Smatch warning: the ‘base’ from ioremap() was not released. The fix revises the parameter from ptp_qoriq->base to base, addressing the leak when ptp_qoriq_init() returns on the first -ENODEV ...

CVE-2025-68229

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fix segfault in tcmlooptpgaddressshow If the allocation of tlhba-sh fails in tcmloopdriverprobe and we attempt to dereference it in tcmlooptpgaddressshow we will get a segfault, see below for an example. So...

UBUNTU-CVE-2025-40177

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be receiving data. Therefore all the resources needed to process that data need to be setup prior to...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fixed memory corruption in probe The nbpf-chan array is allocated earlier in the nbpfprobe function, and it contains “numchannels” elements. These three loops iterate one element further than they should,...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: misc: tps6594-pfsm: Add a NULL pointer check in tps6594pfsmprobe. The returned value pfsm-miscdev.name from devmkasprintf could be NULL. A pointer check has been added to prevent potential NULL pointer dereferencing. This is...

CVE-2023-53655

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobe-ed Registering a kprobe on rcuirqenterchecktick can cause kernel stack overflow as shown below. This issue can be reproduced by enabling CONFIGNOHZFULL and bootin...

SUSE CVE-2023-53255

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: Fix a potential resource leak in svccreatememorypool svccreatememorypool is only called from stratix10svcdrvprobe. Most of resources in the probe are managed, but not this memremap call. There is also no...

UBUNTU-CVE-2023-53255

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: Fix a potential resource leak in svccreatememorypool svccreatememorypool is only called from stratix10svcdrvprobe. Most of resources in the probe are managed, but not this memremap call. There is also no...

Linux Distros Unpatched Vulnerability : CVE-2024-26957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free...

SUSE CVE-2022-50208

In the Linux kernel, the following vulnerability has been resolved: soc: amlogic: Fix refcount leak in meson-secure-pwrc.c In mesonsecurepwrcprobe, there is a refcount leak in one fail path...

CVE-2022-50011 venus: pm_helpers: Fix warning in OPP during probe

In the Linux kernel, the following vulnerability has been resolved: venus: pmhelpers: Fix warning in OPP during probe Fix the following WARN triggered during Venus driver probe on 5.19.0-rc8-next-20220728: WARNING: CPU: 7 PID: 339 at drivers/opp/core.c:2471 devpmoppsetconfig+0x49c/0x610 Modules...

UBUNTU-CVE-2025-37884

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcutaskstrace and eventmutex. Fix the following deadlock: CPU A freeevent perfkprobedestroy mutexlock&eventmutex perftraceeventunreg synchronizercutaskstrace There are several paths where freeevent grabs...

CVE-2024-58063 wifi: rtlwifi: fix memory leaks and invalid access at probe error path

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: fix memory leaks and invalid access at probe error path Deinitialize at reverse order when probe fails. When initswvars fails, rtldeinitcore should not be called, specially now that it destroys the rtlwq workqueue...

kernel: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe

The TI AM33xx power management driver in the Linux kernel fails to release reference counts acquired via wkupm3ipcget when errors occur during probe. Since the corresponding wkupm3ipcput call is missing from error paths, repeated probe failures gradually exhaust kernel resources...

AZL-52578 CVE-2024-50099 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR literal uprobe support The simulateldrliteral and simulateldrswliteral functions are unsafe to use for uprobes. Both functions were originally written for use with kprobes, and access memory with...

kernel: media: airspy: fix memory leak in airspy probe

In the Linux kernel, the following vulnerability has been resolved: media: airspy: fix memory leak in airspy probe The commit ca9dc8d06ab6 "media: airspy: respect the DMA coherency rules" moves variable buf from stack to heap, however, it only frees buf in the error handling code, missing...

CVE-2018-11276

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed on probe...