103 matches found
SUSE CVE-2026-53267
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report 1. A rule like the one below is enough to trigger the bug: table ip t chain pre type filter hook prerouting...
PT-2026-52952
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the drm/amd/display component. The functions dc dmub srv log diagnostic data and dc dmub srv enable dpia trace perform a check on the dc dmub srv...
PT-2026-51731
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the BPF Berkeley Packet Filter subsystem. The function bpf selem unlink nofail sets the smap variable to NULL before removing the element from the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the XDPTX path. For the XDPTX action in bnxtrxxdp, clearing the event flags is incorrect. The sequence of calls bnxtpollwork - bnxtrxpkt - bnxtrxxdp may involve looping within the NAPI, and some event flags might be...
UBUNTU-CVE-2026-46176
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch destroys s0 but falls through and unconditionally assigns the freed ...
CVE-2026-46229
The CVE-2026-46229 issue affects the Linux kernel’s DRM/AMDKFD path: KFD VRAM allocations could leave stale data because AMDGPU_GEM_CREATE_VRAM_CLEARED was not applied in the KFD code path, unlike the GEM/user paths which already set VRAM_CLEARED. This allowed stale page-table remnants to leak in...
CVE-2026-46021
In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone governor cleanup issues If thermalzonedeviceregisterwithtrips fails after adding a thermal governor to the thermal zone being registered, the governor is not removed from it as appropriate which ma...
CVE-2026-46079
In the Linux kernel, the following vulnerability has been resolved: rbd: fix null-ptr-deref when deviceadddisk fails dorbdadd publishes the device with deviceadd before calling deviceadddisk. If deviceadddisk fails after deviceadd succeeds, the error path calls rbdfreedisk directly and then later...
CVE-2026-45964 SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...
CVE-2026-45992
ALSA: caiaq: Fix potentially leftover ep1inurb at error path...
CVE-2026-43496
CVE-2026-43496 affects the Linux kernel net/sched subsystem (sch_red). When red qdiscs with children (e.g., qfq) perform a peek() to expose an skb and then immediately dequeue from the child, the code path could dereference NULL and trigger a kernel panic. The fix changes the sequence from direct...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices was fixed in dmardevscopeinit. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: espintcp: fixed skb leaks. Several error paths now include a kfreeskb...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups. Oliver reported that x86pmudel actually performs an out-of-bound memory access when groupschedin fails and requires a rollback. This issue should be handled through transaction...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: NTB: Fixed a possible name leak in ntbregisterdevice. If deviceregister fails in ntbregisterdevice, the device name allocated by devsetname should be freed. According to the comment in deviceregister, callers should use putdevice...
SUSE CVE-2026-43355
In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pmruntimeputautosuspend before the error check to ensure the PM runtime reference count is always decremented after pmruntimegetsync, regardless of whether the read...
CVE-2026-43372
In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup If requestthreadedirq fails during the PTP message IRQ setup, the newly created IRQ mapping is never disposed. Indeed, the kszptpirqsetup's error path only frees the mappings...
CVE-2026-43358
In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in tryreleasesubpageextentbuffer Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer because there is a rcureadunlock call past the loop. This has been detected by...
UBUNTU-CVE-2026-43419
In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in cephmdscbuildpath Add putname calls to error code paths that did not free the "path" pointer obtained by getname. If ownership of this pointer is not passed to the caller via pathinfo.path, the function...
CVE-2026-43372
CVE-2026-43372 resolves a leak in the Linux kernel Microchip DSA driver during PTP IRQ setup. If request_threaded_irq() fails, the error path previously only freed mappings that had succeeded; now the kernel disposes the newly created IRQ mapping to prevent resource exhaustion. Affected component...