Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Rapidio: fixed a possible UAF Use-after-Allocation when kfifoalloc fails. If kfifoalloc fails in mportcdevopen, it jumps to errfifo and simply frees priv. However, priv is still in chdev-filelist, and traversal of the list may le...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007626)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007626 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000221)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000221 advisory. A memory leak in the cx23888irprobe function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of servi...

CVE-2022-50810 rapidio: devices: fix missing put_device in mport_cdev_open

In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...

EUVD-2022-55507

Malicious code in bioql PyPI...

CVE-2022-50294 wifi: libertas: fix memory leak in lbs_init_adapter()

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix memory leak in lbsinitadapter When kfifoalloc failed in lbsinitadapter, cmd buffer is not released. Add free memory to processing error path...

CVE-2022-50245 rapidio: fix possible UAF when kfifo_alloc() fails

In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfifo and just free priv. But priv is still in the chdev-filelist, then list traversal may cause UAF. This fixes the following smatch...

CVE-2022-50245

CVE-2022-50245 concerns a Linux kernel issue in the rapidio driver where a UAF can occur if kfifo_alloc() fails during mport_cdev_open(). The fix removes priv from the chdev->file_list before freeing it to prevent traversal from accessing a freed object (the smatch warning reference). Affected...

PT-2025-37499

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a use-after-free UAF issue within the rapidio component. Specifically, a failure in the kfifo alloc function during mport cdev open can lead to a UAF conditio...

PT-2025-37596

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified in the lbs init adapter function within the Libertas wireless driver. Specifically, when the kfifo alloc function failed, the command buffer was not released...