Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: ohci-nxp: Fixed the refcount leak in ohcihcdnxpprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it when it is no longer needed. Add ofnodeput to avoid the refcount leak...

CVE-2026-45925

A flaw was found in the Linux kernel's thermal management module. A reference leak occurs in the thermalofcmlookup function because a device node trnp obtained through ofparsephandle is not properly released. This issue can lead to resource exhaustion over time, potentially impacting system...

CVE-2026-46030

A flaw was found in the Linux kernel's EDAC/versalnet component. The mcprobe function fails to release a devicenode reference obtained from ofparsephandle. This oversight leads to a memory leak, which could potentially result in a Denial of Service DoS condition due to resource exhaustion...

EUVD-2026-32411

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix devicenode leak in mcprobe ofparsephandle returns a devicenode reference that must be released with ofnodeput. The original code never freed r5corenode on any exit path, causing a memory leak. Fix this by usin...

CVE-2026-45925

The CVE pertains to the Linux kernel thermal subsystem. In thermal_of_cm_lookup(), a reference leak occurs because tr_np is obtained via of_parse_phandle() but not released. The fix uses the __free(device_node) cleanup attribute to automatically release the node and close the leak. The connected/...

CVE-2026-45925 thermal/of: Fix reference leak in thermal_of_cm_lookup()

In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermalofcmlookup In thermalofcmlookup, trnp is obtained via ofparsephandle, but never released. Use the freedevicenode cleanup attribute to automatically release the node and fix the leak. rjw:...

PT-2026-43792

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference leak occurs in the thermal of cm lookup function. The tr np variable is obtained through of parse phandle but is not released, leading to a memory leak. Recommendations At th...

SUSE CVE-2026-43264

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: displaytiming: fix refcount leak in ofgetdisplaytimings ofparsephandle returns a devicenode with refcount incremented, which is stored in 'entry' and then copied to 'nativemode'. When the error paths at lines 184 or 19...

PT-2026-37505

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak exists in the Nuvoton hwmon driver. The nct7363 present pwm fanin function fails to call of node put after using of parse phandle with args, which is required to release...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ath10k: Error handling in ath10ksetupmsaresources has been fixed. The devicenode pointer is returned by ofparsephandle, with the refcount incremented. We should use ofnodeput on it after that operation. This function only calls...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipmi:ipmb: Fixed the refcount leak in ipmiipmbprobe. ofparsephandle returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added ofnodeput to prevent the refcount leak from occurrin...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993055)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993055 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: ohci-nxp: Fix refcount leak in ohcihcdnxpprobe ofparsephandle returns a node pointer with...

CVE-2022-50887

CVE-2022-50887 concerns the Linux kernel regulator core: a refcount imbalance in regulator_dev_lookup() caused by unbalanced of_node_get()/of_node_put() in of_get_regulator(), leading to a memory leak as reported (OF: memory leak, expected refcount 1 instead of 2). The connected advisories confir...

CVE-2022-50887 regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()

In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix unbalanced of node refcount in regulatordevlookup I got the the following report: OF: ERROR: memory leak, expected refcount 1 instead of 2, ofnodeget/ofnodeput unbalanced - destroy cset entry: attach overlay...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992416)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992416 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6797-mt6351: Fix refcount leak in mt6797mt6351devprobe ofparsephandle returns a node...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989403)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989403 advisory. In the Linux kernel, the following vulnerability has been resolved: ethernet: Fix error handling in xemacliteofprobe This node pointer is returned by ofparsephandle...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989026)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989026 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: ts4800wdt: Fix refcount leak in ts4800wdtprobe ofparsephandle returns a node pointer wi...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990006)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990006 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in tidra7xbarrouteallocate ofparsephandle returns a node pointer...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986835)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986835 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fix refcount leak in adiaxiadcattachclient ofparsephandle returns a node...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986821)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986821 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xxudc: Fix refcount leak in lpc32xxudcprobe ofparsephandle returns a node point...