302 matches found
CVE-2026-23087 scsi: xen: scsiback: Fix potential memory leak in scsiback_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsibackremove Memory allocated for struct vscsiblkinfo in scsibackprobe is not freed in scsibackremove leading to potential memory leaks on remove, as well as in the scsibackprob...
EUVD-2026-5476
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23068
CVE-2026-23068 (Linux kernel) : The spi-sprd-adi driver could double-free the spi_controller on probe failure due to using spi_alloc_host() with devm_spi_register_controller(), then falling through to spi_controller_put() when a restart handler registration failed. The fix switches to devm_spi_al...
CVE-2026-23068 spi: spi-sprd-adi: Fix double free in probe error path
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23068 spi: spi-sprd-adi: Fix double free in probe error path
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23068
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
CVE-2026-23015
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...
UBUNTU-CVE-2026-23015
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...
CVE-2026-23033 dmaengine: omap-dma: fix dma_pool resource leak in error paths
In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dmapool resource leak in error paths The dmapool created by dmapoolcreate is not destroyed when dmaasyncdeviceregister or ofdmacontrollerregister fails, causing a resource leak in the probe error paths. A...
CVE-2026-23015
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...
PT-2026-5518
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpio mpsse probe error paths The reference obtained by calling usb get dev is not released in the gpio mpsse probe error paths. Fix that by using device managed helper functions. Also remove the...
SUSE CVE-2025-68754
In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
CVE-2025-68754
CVE-2025-68754 affects the Linux kernel rtc driver for amlogic-a4. The issue is a double free caused by manually disabling the clock obtained via devm_clk_get_enabled() in error paths, which conflicts with the devm framework’s automatic clock lifecycle management. The recommended remediation is t...
CVE-2025-68754 rtc: amlogic-a4: fix double free caused by devm
In the Linux kernel, the following vulnerability has been resolved: rtc: amlogic-a4: fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
CVE-2023-54204
CVE-2023-54204 affects the Linux kernel mmc sunplus driver. The patch fixes the return value handling of mmc_add_host(); if its error is ignored, memory allocated in mmc_alloc_host() may be leaked and a NULL pointer dereference can occur in spmmc_drv_remove() when deleting a non-added device. The...
CVE-2023-54109 media: rcar_fdp1: Fix refcount leak in probe and remove function
In the Linux kernel, the following vulnerability has been resolved: media: rcarfdp1: Fix refcount leak in probe and remove function rcarfcpget take reference, which should be balanced with rcarfcpput. Add missing rcarfcpput in fdp1remove and the error paths of fdp1probe to fix this. hverkuil:...
CVE-2022-50703
CVE-2022-50703 relates to two refcount-leak bugs in the Linux kernel soc: qcom: smsm driver (qcom_smsm_probe). The issues occur when local_node and node are escaped from for_each_child_of_node() / for_each_available_child_of_node() without proper of_node_put() calls. The fix adds of_node_put() in...
PT-2025-53186
In the Linux kernel, the following vulnerability has been resolved: media: rcar fdp1: Fix refcount leak in probe and remove function rcar fcp get take reference, which should be balanced with rcar fcp put. Add missing rcar fcp put in fdp1 remove and the error paths of fdp1 probe to fix this...
SUSE CVE-2025-68172
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
Linux Distros Unpatched Vulnerability : CVE-2025-68316
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0...