Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing ofnodeput in dcscbinit The devicenode pointer is returned by offindcompatiblenode with refcount incremented. We should use ofnodeput to avoid the refcount leak...

PT-2026-6151

In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call of put node to correctly maintain the refcount...

CVE-2022-50887

In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulatordevlookup I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, ofnodeget/ofnodeput unbalanced - destroy cset entry: attach overlay...

CVE-2022-50887 regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()

In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulatordevlookup I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, ofnodeget/ofnodeput unbalanced - destroy cset entry: attach overlay...

CVE-2022-50887

CVE-2022-50887 concerns the Linux kernel regulator core: a refcount imbalance in regulator_dev_lookup() caused by unbalanced of_node_get()/of_node_put() in of_get_regulator(), leading to a memory leak as reported (OF: memory leak, expected refcount 1 instead of 2). The connected advisories confir...

UBUNTU-CVE-2022-50155

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: ofpart: Fix refcount leak in bcm4908partitionsfwoffset offindnodebypath returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount...

CVE-2022-49535

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure...

CVE-2022-49535 scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure...

CVE-2022-49535 scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure...

CVE-2022-49535

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI If lpfcissueelsflogi fails and returns non-zero status, the node reference count is decremented to trigger the release of the nodelist structure...

CVE-2022-49016

In the Linux kernel, the following vulnerability has been resolved: net: mdiobus: fix unbalanced node reference count I got the following report while doing devicemscc-miim load test with CONFIGOFUNITTEST and CONFIGOFDYNAMIC enabled: OF: ERROR: memory leak, expected refcount 1 instead of 2,...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a node reference count leak...

GSD-2023-1000174 net: mdiobus: fix unbalanced node reference count

net: mdiobus: fix unbalanced node reference count This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.82 by commit...