47 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: rapidio: Replace riofreenet with kfree in rioscanallocnet. When the idtab allocation fails, the network is not yet registered with rioaddnet. Therefore, calling kfreenet is sufficient to release the memory. Set mport-net to NULL ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: rapidio: devices: fixed the issue where putdevice was missing in mportcdevopen. When kfifoalloc fails, the reference count of chdev-dev remains incremented. We should use putdevice&chdev-dev to decrement the reference count of...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: Fixed a possible name leak in rioregistermport. If deviceregister returns an error, the name allocated by devsetname needs to be freed. This should be done using putdevice, so that the reference in the error path is...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: rapidio: fixed a possible Use-after-Allocation UAF issue when kfifoalloc fails. If kfifoalloc fails in mportcdevopen, it jumps to errfifo and simply frees the priv object. However, since priv remains in chdev-filelist, traversal ...
CVE-2026-43295
In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013551)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013551 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007626)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007626 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...
SUSE CVE-2022-50810
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992862)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992862 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series rapidio: fix three possible...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992886)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992886 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...
EUVD-2022-55841
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the name allocated by devsetname need be freed. It should use putdevice to give up the reference in the error path, so that the name can be...
CVE-2022-50857
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the name allocated by devsetname need be freed. It should use putdevice to give up the reference in the error path, so that the name can be...
UBUNTU-CVE-2022-50810
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
CVE-2022-50857 rapidio: rio: fix possible name leak in rio_register_mport()
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the name allocated by devsetname need be freed. It should use putdevice to give up the reference in the error path, so that the name can be...
CVE-2022-50857
The CVE-2022-50857 entry concerns the Linux kernel code path for rapidio rio: rio_register_mport. The issue arises when device_register() fails after an mport name has been allocated with dev_set_name(); the allocated name must be released, and the reference should be dropped with put_device() so...
CVE-2022-50857
In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the name allocated by devsetname need be freed. It should use putdevice to give up the reference in the error path, so that the name can be...
CVE-2022-50810 rapidio: devices: fix missing put_device in mport_cdev_open
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
CVE-2022-50810
CVE-2022-50810 (Linux kernel, rapidio devices) : The issue arises in mport_cdev_open where a missing put_device call leaves the reference count of chdev->dev incremented when kfifo_alloc fails, causing a refcount leak. The vulnerability is limited to the rapidio device code path; no exploitati...
CVE-2022-50810
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of chdev-dev is left incremental. We should use putdevice&chdev-dev to decrease the ref count of chdev-dev to avoid refcount leak...
PT-2025-53928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the rapidio subsystem. Specifically, a reference count leak can occur when kfifo alloc fails during device operations. This happens because t...