294 matches found
CVE-2026-53296
A flaw was found in the Linux kernel, specifically within the mailbox-test component. This vulnerability occurs when channels are not correctly released during a probe error, leading to a memory leak and a Use-After-Free UAF condition. A Use-After-Free UAF is a memory corruption vulnerability tha...
CVE-2026-53325
The CVE-2026-53325 entry describes a Linux kernel fix for the AMD64 AGP driver (agp_amd64_probe). Root cause: when no AMD northbridges are found, cache_nbs() can return a negative error, but the probe checked for exactly -1, masking the hardware absence and allowing initialization to proceed. Res...
SUSE CVE-2026-53296
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...
SUSE CVE-2026-53297
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...
Linux Distros Unpatched Vulnerability : CVE-2026-53296
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios...
CVE-2026-53296
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...
UBUNTU-CVE-2026-53296
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...
UBUNTU-CVE-2026-53286
In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...
EUVD-2026-39901
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...
CVE-2026-53296
The CVE-2026-53296 entry concerns the Linux kernel mailbox subsystem, specifically the mailbox-test path where channels are freed on probe error. The underlying issue is that channels obtained prior to a probe error must be freed to prevent resource leaks and avoidance of use-after-free (UAF) bec...
CVE-2026-53286
The CVE-2026-53286 issue concerns the Linux kernel IDPF code, specifically an improper handling of auxiliary devices during error paths that can trigger a use-after-free and double-free in iadev structures. In idpf_plug_vport_aux_dev() and idpf_plug_core_aux_dev(), if auxiliary_device_add() fails...
SUSE CVE-2026-53204
In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL deref on rsusendmsg timeout in probe rsusendmsg can return -ETIMEDOUT when waitforcompletioninterruptibletimeout fires while the SMC call is still pending. In stratix10rsuprobe, the error paths f...
PT-2026-52935
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mailbox-test component where channels are not freed during a probe error. This failure to release resources leads to a memory leak and creates Use-After-Free UAF...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: isdn: mISDN: hfcsusb: fixed a memory leak in hfcsusbprobe In hfcsusbprobe, the memory allocated for ctrlurb gets leaked when setupinstance fails with an error code. This issue was addressed by freeing the urb before freeing th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devmregmapinitencx24j600 devmregmapinit may return error which caused by like out of memory, this will results in null pointer dereference later when reading or writing register: general protection...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe process and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: Unregisters the ECC engine upon probe error and device removal. The on-host hardware ECC engine remains registered both when the spiregistercontroller function returns an error, and also upon device removal...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref issue, due to deleting a device that was not properly added in mmcremovehost. ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: NFC: port100: fixed a use-after-free in port100sendcomplete. Syzbot reported a UAF in port100sendcomplete. The root cause is the missing calls to usbkillurb in the error handling path of the -probe function. port100sendcomplet...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double-free caused by devm The clock obtained through devmclkgetenabled is automatically managed by devres. It will be disabled and freed when the driver is detached. Manual calls to clkdisableunprepare in th...