54 matches found
SUSE CVE-2026-45964
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...
EUVD-2026-32248
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...
CVE-2026-45964 SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...
CVE-2026-45964
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...
PT-2026-43831
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gss auth kref leak in gss alloc msg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in auth gss.c" added a kref get&gss auth-kref call to balance the gss put auth done in gss release msg, but forgot to add a...
Linux Distros Unpatched Vulnerability : CVE-2026-45964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 SUNRPC: Rebalance a kref in authgss.c added a krefget&gssauth-kref call to balance t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to release the gssauth reference in the incorrect path of the gssallocmsg function...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: GPU: host1x – Fixed a race condition in syncptalloc and syncptfree. A race condition occurred between host1xsyncptalloc and host1xsyncptPut, which was addressed by using krefPutMutex instead of krefPut plus manual mutex locking...
SUSE CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
CVE-2026-43414
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In qla24xxelsdcmdiocb sp-free is set to qla2x00elsdcmdspfree. When an error happens, this function is called by qla2x00sprelease, when krefput releases the first and the last...
Linux Distros Unpatched Vulnerability : CVE-2026-43458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab- use-after-free in ptywriteroom when caifserial's TX path...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Scsi: sg: Fix slab-use-after-free issue in sgrelease A use-after-free bug was fixed in sgrelease, detected by syzbot with KASAN: Bug: KASAN: Slab-use-after-free in lockrelease+0x151/0xa30 kernel/locking/lockdep.c:5838...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939netdevstart: fixed a UAF Use-After-Free condition related to rxkref of j1939priv. This issue could lead to a UAF condition involving rxkref of j1939priv as follows: cpu0 cpu1 j1939skBindsocket0, ndev0, …...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005008)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005008 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939netdevstart: fix UAF for rxkref of j1939priv It will trigger UAF for rxkref of...
CVE-2022-50767 fbdev: smscufx: Fix several use-after-free bugs
In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physically removing a USB device. Adds ufxopsdestroy function to .fbdestroy of fbops, and in this function, there is krefput that finally calls...
EUVD-2025-203670
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fix potential UAF in smb2closecachedfid" was an incomplete backport and missed one krefput call in...
CVE-2025-68226
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix incomplete backport in cfidsinvalidationworker The previous commit bdb596ceb4b7 "smb: client: fix potential UAF in smb2closecachedfid" was an incomplete backport and missed one krefput call in...
CVE-2025-68226
CVE-2025-68226 concerns a Linux kernel SMB client issue where a backport fix was incomplete: a kref_put() in cfids_invalidation_worker() was not converted to close_cached_dir(), leaving a potential UAF path. Multiple sources (RH, DebianOSV, OSV, NVD/NASL-style citations) describe the resolved vul...
PT-2025-51639
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's SMB client related to an incomplete backport in the cfids invalidation worker function. A previous commit aimed to address a potential use-after-free...
CVE-2025-40328 smb: client: fix potential UAF in smb2_close_cached_fid()
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...