Linux Distros Unpatched Vulnerability : CVE-2026-53232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwis...

CVE-2026-53232

In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...

UBUNTU-CVE-2026-53232

In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...

UBUNTU-CVE-2026-53261

In the Linux kernel, the following vulnerability has been resolved: devlink: Release nested relation on devlink free devlink relation state is normally released from devlunregister, which calls devlinkrelput. This misses devlink instances that get a nested relation before registration and then fa...

EUVD-2026-39212

In the Linux kernel, the following vulnerability has been resolved: devlink: Release nested relation on devlink free devlink relation state is normally released from devlunregister, which calls devlinkrelput. This misses devlink instances that get a nested relation before registration and then fa...

CVE-2026-53261

CVE-2026-53261 (Linux kernel devlink): A nested devlink relation may leak if a child is linked before registration and probe fails; devl_unregister() does not run, so devlink->rel isn’t released. The fix releases any pending relation from devlink_free(), leaving the registered path unchanged b...

CVE-2026-53232 net: phy: clean the sfp upstream if phy probing fails

In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...

EUVD-2026-39323

In the Linux kernel, the following vulnerability has been resolved: net: phy: clean the sfp upstream if phy probing fails Sashiko reported that we don't call sfpbusdelupstream in the probe failure path, so let's add it, otherwise the sfp-bus is left with a dangling 'upstream' field, that may be...

CVE-2026-53232

The CVE-2026-53232 entry concerns the Linux kernel net: phy component. The root cause is that on PHY probing failure, the SFP upstream is not cleaned up, leaving a dangling upstream reference on the SFP bus. Impact is potential system instability or unexpected behavior during SFP events. The issu...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: wifi: iwlwifi: pcie: fixed a possible NULL pointer dereference issue It is possible that iwlpciprobe may fail and free the trans structure. After that, iwlpciRemove may be called, but it will crash when trying to access a tran...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd-mbhc-v2: fixed resource leaks during component removal The MBHC resources must be released in case of component probe failures and removals; therefore, they cannot be tied to the lifetime of the component device...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Drivers: mcb: fixed a resource leak in mcbprobe When the probe hook function failed in mcbprobe, the device was not added to the list of devices available for use. Compiled test only...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to remove the references made when looking up the ICU device during probe failures e.g., probe deferrals...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fixed the DMA buffer leak issue. Release the DMA buffer when probe returns an error to avoid memory leaks...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Memory issue: fslifc – fixed the leak of private memory during probe failures. During probe errors, the driver should release the memory allocated for private structures. This issue was fixed by using resource-managed allocation...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - media: meson: vdec: fixed a possible refcount leak in vdecprobe - v4l2deviceunregister must be called to reset the refcount obtained by v4l2deviceregister when vdecprobe fails or vdecremove is called...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: ACPI: GTDT: Do not corrupt interrupt mappings during watchdog probe failures When the driver probe fails due to invalid firmware properties, the GTDT driver unmaps the interrupt that was previously mapped. However, it never check...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fixed NULL pointer dereferencing when printing devname When larbdev is NULL in the case I encountered, the node is incorrectly set as iommu = &iommu NUM, it will cause devicelinkadd to fail and the kernel to crash...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: appletbkbd: fixed the reference counting of the “appletbbacklight” backlight device. During the appletbkbdprobe process, the probe attempts to retrieve the backlight device by name. When this occurs, the function...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: aacraid: Fixed a double-free on probe failure. The aacprobeone function calls hardware-specific initialization functions through the aacdriverident::init pointer. All of these functions ultimately call aacinitadapter. If...