EUVD-2026-32783

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix potential ADE in loongsongpufixupdmahang The switch case in loongsongpufixupdmahang may not DC2 or DC3, and readlcrtcreg will access with random address, because the "device" is from "base+PCIDEVICEID", "base" is...

SUSE CVE-2026-45989

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...

UBUNTU-CVE-2026-45989

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...

CVE-2026-45989

In the Linux kernel CVE-2026-45989, a use-after-free occurs in testdrv_probe() where a released device_node (via of_node_put) may later be passed to of_platform_default_populate(), risking use-after-free of the freed pointer. The root cause is that pdev->dev.of_node is owned by the device mode...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the refcount leak for PCI devices According to the comments on pcigetdomainbusandslot, it returns a PCI device with a refcount that increments after use. The caller must decrement the reference count by calling...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: hwmon: In coretemp, a leak of the reference count for PCI devices was addressed in nv1aramnew. According to the comments on pcigetdomainbusandslot, it returns a PCI device whose reference count is incremented after use. The calle...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fixed the PCI device reference count leak in mt7915pciinithif2. According to the comments on pcigetdevice, it returns a pcidevice with its reference count increased. We need to call pcidevput to decrease the referen...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/dwcpcie: fixed duplicate PCIDEV devices. During the platformdeviceregister function, the incorrect use of structdevice as platformdata resulted in a kmemdup operation on the PCIDEV device. Even worse, accessing the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed the race condition in destroyworkonstack The following debug object splat was observed during testing: ODEBUG: Freeing an active object active state 0: 0000000097d23782; Object type: workstruct; Hint:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: The issue of reference count leak for PCI devices in hasexternalpci has been fixed. foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the reference...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed a crash that occurred during the transportportremove function, by using iocinfo. During this function, messages were logged via devprintk against &mpt3sasport-port-dev. At this point, the SAS transport device...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: amd – Fix the PCI device reference count leak foreachpcidev is implemented through pcigetdevice. The comment for pcigetdevice states that it will increase the reference count of the returned pcidev, and also decrease th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed a memory leak when CONFIGDEBUGOBJECTS=y is enabled. After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak when CONFIGDEBUGOBJECTS=y is set...

Astra Linux - уязвимость в libvirt

A vulnerability was discovered in libvirt. This security flaw occurs due to repeated queries of the capabilities of an SR-IOV PCI device, which leads to a memory leak caused by failure to free the virPCIVirtualFunction array within the parent struct’s gautoptr cleanup...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: fixed a memory leak in ath12kpciremove The Kmemleak reported this error: - Unreferenced object: 0xffff1c165cec3060 size 32 - Command: “insmod”, PID 560; duration: 4296964570 seconds 235.596 seconds ago - Backtrace:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed pcideviceispresent for VFs by checking PF. Previously, pcideviceispresent did not work for VFs because it read the Vendor and Device IDs, which are 0xffff for VFs, implying that these devices are not present. Instead, ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: geode – Fixed the PCI device reference count leak issue. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the reference count of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmt: fixed an issue with NULL pointer access in crashlog. The use of intelpmtread for binary sysfs requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vdpa: fixed a use-after-free in vpvdparemove. When the vpvdpa driver is unbound, vpvdpa is freed in vdpaunregisterdevice, and then vpvdpa-mdev.pcidev is dereferenced in vpmodernremove, triggering a use-after-free. Call trace for...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021533)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021533 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in pprnotifier As comment of pcigetdomainbusandslot says,...