225451 matches found
EUVD-2026-32225
In the Linux kernel, the following vulnerability has been resolved: tpm: tpmi2cinfineon: Fix locality leak on getburstcount failure getburstcount can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...
EUVD-2026-32234
In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Fix memory leak in starfiveaesaeaddoonereq The starfiveaesaeaddoonereq function allocates rctx-adata with kzalloc but fails to free it if sgcopytobuffer or starfiveaeshwinit fails, which lead to memory leaks...
EUVD-2026-32220
In the Linux kernel, the following vulnerability has been resolved: power: supply: goldfish: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...
EUVD-2026-32221
In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - fix kernel panic in driver detach During driver detach, the same hash algorithm is unregistered multiple times due to a wrong iterator...
EUVD-2026-32222
In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916lbc: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...
EUVD-2026-32376
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race condition in QP timer handlers I encontered the following warning: WARNING: drivers/infiniband/sw/rxe/rxetask.c:249 at rxeschedtask+0x1c8/0x238 rdmarxe, CPU0: swapper/0/0 ... libsha1 last unloaded: ip6udptunnel...
EUVD-2026-32215
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...
EUVD-2026-32379
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mcast: always update mdbnentries for vlan contexts syzbot triggered a warning1 about the number of mdb entries in a context. It turned out that there are multiple ways to trigger that warning today some got added...
EUVD-2026-32383
In the Linux kernel, the following vulnerability has been resolved: ipvs: do not keep destdst if dev is going down There is race between the netdev notifier ipvsdstevent and the code that caches dst with dev that is going down. As the FIB can be notified for the closed device after our handler...
EUVD-2026-32386
In the Linux kernel, the following vulnerability has been resolved: ext4: fix dirtyclusters double decrement on fs shutdown fstests test generic/388 occasionally reproduces a warning in ext4putsuper associated with the dirty clusters count: WARNING: CPU: 7 PID: 76064 at fs/ext4/super.c:1324...
EUVD-2026-32384
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...
EUVD-2026-32385
In the Linux kernel, the following vulnerability has been resolved: sched/rt: Skip currently executing CPU in rtonextcpu CPU0 becomes overloaded when hosting a CPU-bound RT task, a non-CPU-bound RT task, and a CFS task stuck in kernel space. When other CPUs switch from RT to non-RT tasks, RT load...
EUVD-2026-32388
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...
EUVD-2026-32387
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: Fix memory leak in mtdparsertplinksafeloaderparse The function mtdparsertplinksafeloaderparse allocates buf via mtdparsertplinksafeloaderreadtable. If the allocation for partsidx.name fails inside the loop, the code...
EUVD-2026-32389
In the Linux kernel, the following vulnerability has been resolved: net: usb: catc: enable basic endpoint checking catcprobe fills three URBs with hardcoded endpoint pipes without verifying the endpoint descriptors: - usbsndbulkpipeusbdev, 1 and usbrcvbulkpipeusbdev, 1 for TX/RX -...
EUVD-2026-32382
In the Linux kernel, the following vulnerability has been resolved: power: supply: sbs-battery: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...
EUVD-2026-32380
In the Linux kernel, the following vulnerability has been resolved: Revert "hwmon: ibmpex fix use-after-free in high/low store" This reverts commit 6946c726c3f4c36f0f049e6f97e88c510b15f65d. Jean Delvare points out that the patch does not completely fix the reported problem, that it in fact...
EUVD-2026-32391
In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermalofcmlookup In thermalofcmlookup, trnp is obtained via ofparsephandle, but never released. Use the freedevicenode cleanup attribute to automatically release the node and fix the leak. rjw:...
EUVD-2026-32394
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix memory leak on codecinfo allocation failure In wave5vpuopenenc and wave5vpuopendec, a vpu instance is allocated via kzalloc. If the subsequent allocation for inst-codecinfo fails, the functions retu...
EUVD-2026-32392
In the Linux kernel, the following vulnerability has been resolved: rust: pwm: Fix potential memory leak on init error When initializing a PWM chip using pwmchipalloc, the allocated device owns an initial reference that must be released on all error paths. If pinnedinit were to fail, the allocate...