Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/xics: fixed the refcount leak in icpopalinit The offindcompatiblenode function returns a node pointer with the refcount incremented. Use ofnodeput on it when the function is completed...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: renesas: Fixed the refcount leak bug In usbhsrza1hardwareinit, the offindnodebyname function will return a node pointer with the refcount incremented. We should use ofnodeput when the node pointer is no longer needed...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fixed error handling in mxssgtl5000probe. This function only calls ofnodeput in the regular path. It will cause a refcount leak in error-prone paths. For example, when codecnp is NULL, saifnp0 and saifnp1 are not NULL,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: mt8173: Fixed a refcount leak in the mt8173rt5650rt5676devprobe function. The ofparsephandle function returns a node pointer with a refcount incremented; we should use ofnodeput on it when it is no longer neede...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: The refcount leak in a6xxgpuinit has been fixed. The ofparsephandle function returns a node pointer with the refcount incremented. We should use ofnodeput on this pointer when we no longer need it. The a6xxgmuinit...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: soc: rockchip: Fixed the refcount leak in rockchipgrfinit. offindmatchingnodeandmatch returns a node pointer with a incremented refcount. We should use ofnodeput on it after processing. Added ofnodeput to prevent the refcount...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mxs-saif: Fixed a refcount leak in mxssaifprobe. The function ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8183: fixed a refcount leak in mt8183mt6358ts3a227max98357devprobe. The node returned by ofparsephandle has a refcount that is incremented; ofnodeput must be called when using it again. Therefore, this issue nee...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - clk: tegra: Fixed a refcount leak in tegra114clockinit. - offindmatchingnode returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. - Added ofnodeput to avoid...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: soc: qcom: smsmm: Fixed refcount leaks in qcomsmsmprobe There are two refcount leaks in qcomsmsmprobe: 1 The localnode variable is escaped from foreachchildofnode at the end of the iteration. We should call ofnodeput for it in...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rpmsg: qcomsmd: Fixed a refcount leak in qcomsmdParseedge. In qcomsmdParseedge, ofparsephandle returns a node pointer with a refcount incremented. We should use ofnodeput on this pointer after processing...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xxudc: Fixed the refcount leak in lpc32xxudcprobe. The ofparsephandle function returns a node pointer with the refcount incremented. We should use ofnodeput on it when there is no longer a need for it. Add the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: sifive: Fix the refcount leak in sifivegpioprobe. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add ofnodeput to avoid the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/secvar: A refcount leak has been fixed in formatshow. A refcount leak occurs when formatshow returns an error in multiple cases. Unified management of ofnodeput can fix this issue...

SUSE CVE-2026-46308

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix use-after-free in scpsysgetbusprotectionlegacy In scpsysgetbusprotectionlegacy, offindnodewithproperty returns a device node with its reference count incremented. The function then calls ofnodeputnode befo...

UBUNTU-CVE-2026-46288

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in ofunittestchangeset The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct devicenode. The call to ofnodeputnchangeset can...

CVE-2026-46308

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix use-after-free in scpsysgetbusprotectionlegacy In scpsysgetbusprotectionlegacy, offindnodewithproperty returns a device node with its reference count incremented. The function then calls ofnodeputnode befo...

CVE-2026-46308

In the Linux kernel, a use-after-free was fixed in mediatek’s scpsys_get_bus_protection_legacy by moving of_node_put(node) after the error check, preventing use of a freed device node when syscon_regmap_lookup_by_phandle() errors. Affected: Linux kernel code path; vulnerability details and risk a...

EUVD-2026-35173

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix use-after-free in scpsysgetbusprotectionlegacy In scpsysgetbusprotectionlegacy, offindnodewithproperty returns a device node with its reference count incremented. The function then calls ofnodeputnode befo...

CVE-2026-46288

CVE-2026-46288 (Linux kernel). The issue is a use-after-free in unittest changeset handling of device-tree nodes: a pointer (parent) shares the same struct device_node as nchangeset, and of_node_put(nchangeset) can drop the refcount to zero while code still uses parent to inspect properties, lead...