Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8183: fixed a refcount leak in mt8183mt6358ts3a227max98357devprobe. The node returned by ofparsephandle has a refcount that is incremented; ofnodeput must be called when using it again. Therefore, this issue nee...

SUSE CVE-2026-52904

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkmdevice leak on aperture removal failure When apertureremoveconflictingpcidevices fails during probe, the error path returns directly without unwinding the nvkmdevice that was just allocated by nvkmdevicepcine...

EUVD-2026-35433

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkmdevice leak on aperture removal failure When apertureremoveconflictingpcidevices fails during probe, the error path returns directly without unwinding the nvkmdevice that was just allocated by nvkmdevicepcine...

PT-2026-47790

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the drm/nouveau component when aperture remove conflicting pci devices fails during the probe process. The error path returns immediately without releasing the nv...

PT-2026-47384

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error pointer dereference occurs in the intel/ipu6 media component. In a specific error path, the isp-psys variable is confirmed to be an error pointer rather than NULL, leading to a...

SUSE CVE-2026-46004

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

CVE-2026-46004

CVE-2026-46004 concerns the Linux kernel ALSA caiaq driver. The issue stems from the probe path in setup_card(), where error handling was insufficient: on certain errors the code could drop into non-fatal paths, risking a use-after-free (UAF) on subsequent caiaq-initiated calls. The patch introdu...

CVE-2026-46004

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

EUVD-2026-32301

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

CVE-2026-46004 ALSA: caiaq: Handle probe errors properly

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: PCI/bwctrl: Fixed NULL pointer dereferencing when bus numbers are exhausted. When the BIOS fails to assign bus numbers to PCI bridges, the kernel attempts to correct this during PCI device enumeration. If there are no availabl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devmregmapinitencx24j600 devmregmapinit may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing register: general protection...

CVE-2025-71299

A flaw was found in the Linux kernel's spi-cadence-quadspi driver. When processing Device Tree DT descriptions for attached flash devices, a missing or broken DT description can lead to a runtime power management PM disable in the error handling path of the probe function. This can result in...

CVE-2025-71299

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled done in commit f1eb4e792bb1 "spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance"...

CVE-2025-71299 spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled done in commit f1eb4e792bb1 "spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance"...

CVE-2025-71299

CVE-2025-71299 affects the Linux kernel driver spi_cadence_quadspi. The root cause is a runtime PM interaction during probe: a pm_runtime_disable in error paths could lead to duplicate clock disables when PM is active, especially with missing/broken DT descriptions for flash devices. The document...

CVE-2026-43246

A flaw was found in the Linux kernel's tw9906 driver. An issue in an error path within the tw9906probe function can lead to a memory leak. Specifically, memory allocated during the initialization of the video for Linux 2 V4L2 control handler is not properly released, which could result in system...

SUSE CVE-2026-43177

In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6pciprobe were jumping directly to outipu6busdeldevices without releasing the runtime PM reference. Add pmruntimeputsync before cleaning up other...

Linux Distros Unpatched Vulnerability : CVE-2026-43144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: brcmfmac: Fix potential kernel oops when probe fails When probe of the sdio brcmfmac device fails for some reasons i.e. missing firmware, the sdiodev-bus ...

CVE-2026-43218

A flaw was found in the tw9903 driver within the Linux kernel. This vulnerability occurs in an error handling path of the tw9903probe function, where memory allocated for video for Linux 2 V4L2 control handlers is not properly released. This oversight can lead to a memory leak, potentially causin...