CVE-2026-54278

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. An attacker may be able to send a compressed payload in specific situations that could be...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Handle mailbox timeouts in lpfcgetsfpinfo The MBXTIMEOUT return code is not properly handled in lpfcgetsfpinfo, and the routine unconditionally frees the submitted mailbox commands, regardless of the return status. Th...

CVE-2026-46235

CVE-2026-46235 affects the Linux kernel saa7164 media driver. The issue arises from missing return value checks for ioremap calls in saa7164_dev_setup(), specifically for BAR0 and BAR2. When ioremap fails, the code now performs cleanup: releases allocated PCI memory regions, removes the device fr...

CVE-2026-46235

In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...

CVE-2026-46235 media: saa7164: add ioremap return checks and cleanups

In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...

EUVD-2026-32794

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

CVE-2026-45891

A flaw was found in the Linux kernel's hns3 network driver. This double-free vulnerability occurs due to incorrect handling of the txspare buffer during ring parameter setup. If memory allocation fails in the error cleanup path, a stale pointer to backup memory is erroneously freed twice. This ca...

kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...

UBUNTU-CVE-2026-45870

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: authgss: fix memory leaks in XDR decoding error paths The gssxdecctx, gssxdecstatus, and gssxdecname functions allocate memory via gssxdecbuffer, which calls kmemdup. When a subsequent decode operation fails, these...

CVE-2026-46053

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...

CVE-2026-45959 crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...

CVE-2026-45947 drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...

CVE-2026-45891

The CVE-2026-45891 issue affects Linux kernel networking for the hns3 driver. In hns3_set_ringparam(), a temporary copy of the ring is used for rollback, but the tx_spare pointer in the original ring is not cleared after saving its value in tmp_rings. If memory allocation fails during hns3_init_a...

CVE-2026-45872 scsi: smartpqi: Fix memory leak in pqi_report_phys_luns()

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix memory leak in pqireportphysluns pqireportphysluns fails to release the rpllist buffer when encountering an unsupported data format or when the allocation for rpl16bytewwidlist fails. These early returns bypas...

CVE-2026-46096

tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic...

PT-2026-43843

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the amdgpu ras init function. When the amdgpu nbio ras sw init function fails, the system returns an error code immediately without freeing the allocated con...

CVE-2026-46053

net: rds: fix MR cleanup on copy error...

ROS-20260526-73-0006

Vulnerability in python-relenv related to improper dynamic memory cleanup. Exploitation of the vulnerability allows a remote attacker to bypass security restrictions and cause a denial of service by sending specially crafted smb2 packets...

CVE-2026-43502

A flaw was found in the Linux kernel, specifically within the Remote Direct Memory Access RDMA subsystem's handling of zerocopy send operations. When a zerocopy send fails before the message is attached to the sending socket, the kernel may incorrectly clean up the associated memory. This can lea...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: accel/qaic: Fixed the memory leak caused by slicing operations. The temporary buffer that stores slicing configuration data from the user is only freed in case of an error. This constitutes a memory leak. The buffer should be...