Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fixed an error in handling chameleonparsegdd. If mcbdeviceregister returns an error in chameleonparsegdd, the reference count of the bus and device names is exposed. This issue is addressed by calling putdevice to...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37817)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37817 advisory. - In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993064)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993064 advisory. In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails,...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992625 advisory. In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails,...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mcb: fixed a double-free bug in chameleonparsegdd. In chameleonparsegdd, if mcbdeviceregister fails, ‘mdev’ will be released through putdevice in mcbdeviceregister. As a result, the statement “goto ‘err’ label” and the subsequent...

SUSE CVE-2025-37817

In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails, 'mdev' would be released in mcbdeviceregister via putdevice. Thus, goto 'err' label and free 'mdev' again causes a double free. Jus...

CVE-2025-37817 mcb: fix a double free bug in chameleon_parse_gdd()

In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleonparsegdd In chameleonparsegdd, if mcbdeviceregister fails, 'mdev' would be released in mcbdeviceregister via putdevice. Thus, goto 'err' label and free 'mdev' again causes a double free. Jus...