EUVD-2026-32783

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix potential ADE in loongsongpufixupdmahang The switch case in loongsongpufixupdmahang may not DC2 or DC3, and readlcrtcreg will access with random address, because the "device" is from "base+PCIDEVICEID", "base" is...

SUSE CVE-2026-45989

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...

UBUNTU-CVE-2026-45989

In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in testdrvprobe The function testdrvprobe retrieves the devicenode from the PCI device, applies an overlay, and then immediately calls ofnodeputdn. This releases the reference held by the PCI core...

CVE-2026-45989

In the Linux kernel CVE-2026-45989, a use-after-free occurs in testdrv_probe() where a released device_node (via of_node_put) may later be passed to of_platform_default_populate(), risking use-after-free of the freed pointer. The root cause is that pdev->dev.of_node is owned by the device mode...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the refcount leak for PCI devices According to the comments on pcigetdomainbusandslot, it returns a PCI device with a refcount that increments after use. The caller must decrement the reference count by calling...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fixed the PCI device reference count leak in mt7915pciinithif2. According to the comments on pcigetdevice, it returns a pcidevice with its reference count increased. We need to call pcidevput to decrease the referen...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/dwcpcie: fixed duplicate PCIDEV devices. During the platformdeviceregister function, the incorrect use of structdevice as platformdata resulted in a kmemdup operation on the PCIDEV device. Even worse, accessing the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed the race condition in destroyworkonstack The following debug object splat was observed during testing: ODEBUG: Freeing an active object active state 0: 0000000097d23782; Object type: workstruct; Hint:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: amd – Fix the PCI device reference count leak foreachpcidev is implemented through pcigetdevice. The comment for pcigetdevice states that it will increase the reference count of the returned pcidev, and also decrease th...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed a crash that occurred during the transportportremove function, by using iocinfo. During this function, messages were logged via devprintk against &mpt3sasport-port-dev. At this point, the SAS transport device...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fixed a memory leak when CONFIGDEBUGOBJECTS=y is enabled. After a pcidoetask completes, its workstruct needs to be destroyed to avoid a memory leak when CONFIGDEBUGOBJECTS=y is set...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: fixed a memory leak in ath12kpciremove The Kmemleak reported this error: - Unreferenced object: 0xffff1c165cec3060 size 32 - Command: “insmod”, PID 560; duration: 4296964570 seconds 235.596 seconds ago - Backtrace:...

Astra Linux - уязвимость в libvirt

A vulnerability was discovered in libvirt. This security flaw occurs due to repeated queries of the capabilities of an SR-IOV PCI device, which leads to a memory leak caused by failure to free the virPCIVirtualFunction array within the parent struct’s gautoptr cleanup...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: PCI: Fixed pcideviceispresent for VFs by checking PF. Previously, pcideviceispresent did not work for VFs because it read the Vendor and Device IDs, which are 0xffff for VFs, implying that these devices are not present. Instead, ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: geode – Fixed the PCI device reference count leak issue. The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the reference count of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: platform/x86/intel/pmt: fixed an issue with NULL pointer access in crashlog. The use of intelpmtread for binary sysfs requires a pcidev. The current use of the endpoint value is only valid for telemetry endpoint usage. Without th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021533)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021533 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in pprnotifier As comment of pcigetdomainbusandslot says,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021527)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021527 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix PCI device refcount leak in radeonatrmgetbios As comment of pcigetclass says, it...

SUSE CVE-2026-43344

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix die ID init and look up bugs In snbeppci2phymapinit, in the nrnodeids 8 path, uncoredevicetodie may return -1 when all CPUs associated with the UBOX device are offline. Remove the WARNONONCEdieid == -1...

CVE-2026-43449 nvme-pci: Fix slab-out-of-bounds in nvme_dbbuf_set

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix slab-out-of-bounds in nvmedbbufset dev-onlinequeues is a count incremented in nvmeinitqueue. Thus, valid indices are 0 through dev-onlinequeues − 1. This patch fixes the loop condition to ensure the index stays with...