EUVD-2026-32888

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free in createspaceinfo error path When kobjectinitandadd fails, the call chain is: createspaceinfo - btrfssysfsaddspaceinfotype - kobjectinitandadd - failure - kobjectput&spaceinfo-kobj - spaceinforelease -...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86: think-lmi: Fixed reference leak If a duplicate attribute is found using ksetfindobj, a reference to that attribute is returned, and that reference needs to be disposed of using kobjectput. The validation of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/amdgpu: fixed potential memory leaks. In the function amdgpugetxgmihive, when kobjectinitandadd fails, there is a potential memory leak if kobjectput is not called...

CVE-2026-43328

In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...

CVE-2026-43328

Root cause: in the Linux kernel cpufreq governor, the error path in cpufreq_dbs_governor_init() could trigger a double free when kobject_init_and_add() fails. The kobject release path previously attempted cleanup via gov->exit(dbs_data) and kfree(dbs_data) twice. The fix keeps a direct kfree(d...

CVE-2026-43328

In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectputdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a double release in the error path of cpufreqdbsgovernorinit. After kobjectput, the functions exi...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Drivers: hv: vmbus – Fixed a memory leak in vmbusaddchannelkobj. kobjectinitandadd takes a reference even when it fails. According to the documentation for kobjectinitandadd: If this function returns an error, kobjectput must ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fixed a potential memory leak in “addwidgetnode”. Since “kobjectadd” may allocate memory for “kobject-name” when returning an error. In this function, if the call to “kobjectadd” fails, the memory is not freed...

SUSE CVE-2026-31689

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edacmcalloc When the mci-pvtinfo allocation in edacmcalloc fails, the error path will call putdevice which will end up calling the device's release function. However, the init ordering is wrong...

CVE-2026-31689

In the Linux kernel, the following vulnerability has been resolved: EDAC/mc: Fix error path ordering in edacmcalloc When the mci-pvtinfo allocation in edacmcalloc fails, the error path will call putdevice which will end up calling the device's release function. However, the init ordering is wrong...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an issue with the order of calls to the edacmcalloc function in the EDAC/mc component. This issue may le...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012988)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012988 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfsbreakactiveprotection The sysfsbreakactiveprotection routin...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007281 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: sysfs: Fix reference leak in sysfsbreakactiveprotection The sysfsbreakactiveprotection routin...

UBUNTU-CVE-2026-23192

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use devput in callers to prevent UAF After linkwatchdodev calls devput to release the linkwatch reference, the device refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees an empt...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37995)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37995 advisory. - In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobjectput is safe f...

EUVD-2025-201629

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix device use-after-free on unbind A recent change fixed device reference leaks when looking up drm platform device driver data during bind but failed to remove a partial fix which had been added by commit...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989017)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989017 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: dmi-sysfs: Fix memory leak in dmisysfsregisterhandle kobjectinitandadd takes reference...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988842)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988842 advisory. In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: Fix memory leak in ab8500fgsysfsinit kobjectinitandadd takes reference eve...

SUSE CVE-2023-53631

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using ksetfindobj, a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobjectput to dispose the...