EUVD-2026-32783

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix potential ADE in loongsongpufixupdmahang The switch case in loongsongpufixupdmahang may not DC2 or DC3, and readlcrtcreg will access with random address, because the "device" is from "base+PCIDEVICEID", "base" is...

SUSE CVE-2026-45989

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...

CVE-2026-45989

In the Linux kernel CVE-2026-45989, a use-after-free occurs in testdrv_probe() where a released device_node (via of_node_put) may later be passed to of_platform_default_populate(), risking use-after-free of the freed pointer. The root cause is that pdev->dev.of_node is owned by the device mode...

CVE-2026-43449 nvme-pci: Fix slab-out-of-bounds in nvme_dbbuf_set

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix slab-out-of-bounds in nvmedbbufset dev-onlinequeues is a count incremented in nvmeinitqueue. Thus, valid indices are 0 through dev-onlinequeues − 1. This patch fixes the loop condition to ensure the index stays with...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmt: fixed an issue with NULL pointer access in crashlog. The use of intelpmtread for binary sysfs requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fixed the PCI device reference count leak in mt7915pciinithif2. According to the comments on pcigetdevice, it returns a pcidevice with its reference count increased. We need to call pcidevput to decrease the referen...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: fixed a memory leak in ath12kpciremove The Kmemleak reported this error: - Unreferenced object: 0xffff1c165cec3060 size 32 - Command: “insmod”, PID 560; duration: 4296964570 seconds 235.596 seconds ago - Backtrace:...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed the race condition in destroyworkonstack The following debug object splat was observed during testing: ODEBUG: Freeing an active object active state 0: 0000000097d23782; Object type: workstruct; Hint:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013611)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013611 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpuatrmgetbios As comment of pcigetclass says, it...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013362 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcideviceispresent for VFs by checking PF pcideviceispresent previously didn't work for...

CVE-2026-23361

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry Endpoint drivers use dwpcieepraisemsixirq to raise an MSI-X interrupt to the host using a writel, which generates a PCI posted write transaction. There's no completio...

CVE-2026-23020

In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortexprobe1 pdev can be null and freering: can be called in 1297 with a null pdev...

CVE-2022-50868

In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...

UBUNTU-CVE-2022-50868

In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...

CVE-2022-50718

CVE-2022-50718 concerns a refcount leak in the Linux kernel related to the amdgpu driver. The provided documents confirm the issue arises because pci_get_domain_bus_and_slot() returns a pci device with an incremented refcount, and the caller must decrement it via pci_dev_put(). The fix, as descri...

CVE-2022-50659 hwrng: geode - Fix PCI device refcount leak

In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count fo...

CVE-2022-50615

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from snruncoremmiomap not properly freeing the pcidev reference count, which could lead to a memory leak...

CVE-2025-40115

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix crash in transport port remove by using iocinfo During mpt3sastransportportremove, messages were logged with devprintk against &mpt3sas;port-port-dev. At this point the SAS transport device may already be...

CVE-2025-40115

In CVE-2025-40115, the Linux kernel scsi/mpt3sas driver fixes a crash during transport_port_remove() when logging messages with dev_printk() to a SAS port that may already be partially unregistered or freed. The fix switches logging to ioc_info() (PCI device) which remains valid until driver remo...