SUSE CVE-2026-31530

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of parentport in cxldetachep cxldetachep is called during bottom-up removal when all CXL memory devices beneath a switch port have been removed. For each port in the hierarchy it locks both the port a...

CVE-2026-31530

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of parentport in cxldetachep cxldetachep is called during bottom-up removal when all CXL memory devices beneath a switch port have been removed. For each port in the hierarchy it locks both the port a...

Siemens Ruggedcom ROX Use After Free (CVE-2021-47358)

In the Linux kernel, the following vulnerability has been resolved: staging: greybus: uart: fix tty use after free User space can hold a tty open indefinitely and tty drivers must not release the underlying structures until the last user is gone. Switch to using the tty-port reference counter to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an internal port object reference count that is not properly decremented, which could lead to a memory leak...

CVE-2022-50574

Summary: CVE-2022-50574 concerns the Linux kernel driver chain for DRM/OMAP DSS where a refcount leak could occur. The root cause, as described, is missing calls to of_node_put() for the reference returned by of_graph_get_port_by_id() in fail paths or when the reference is no longer used. Impact ...

CVE-2022-50574 drm/omap: dss: Fix refcount leak bugs

In the Linux kernel, the following vulnerability has been resolved: drm/omap: dss: Fix refcount leak bugs In dssinitports and dssuninitports, we should call ofnodeput for the reference returned by ofgraphgetportbyid in fail path or when it is not used anymore...

EUVD-2022-55309

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device...

SUSE CVE-2025-39872

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

UBUNTU-CVE-2025-39872

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

CVE-2025-39872

Summary (CVE-2025-39872) : The vulnerability affects the Linux kernel’s hsr code path. The bug arises in hsr_get_port_ndev, where hsr_for_each_port requires an RCU lock while the caller later needs a valid device reference, creating a UaF risk. Documents from Red Hat, Debian, and OSS/OSV portals ...

UBUNTU-CVE-2022-50038

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in mesonvpuhasavailableconnectors In this function, there are two refcount leak bugs: 1 when breaking out of foreachendpointofnode, we need call the ofnodeput for the 'ep'; 2 we should call ofnodeput...

CVE-2022-49223 cxl/port: Hold port reference until decoder release

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from cxl/port not holding a port reference before decoder release, which could lead to post-release reuse...

kernel: cxl/port: Hold port reference until decoder release

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...

GSD-2022-1001228 cxl/port: Hold port reference until decoder release

cxl/port: Hold port reference until decoder release This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...