29 matches found
OESA-2026-2415 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the devi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: sd: Fixed the potential NULL pointer dereferencing issue. If sdprobe encounters an error before sdkp-device is initialized, sdzbcreleasedisk is called. This leads to a NULL pointer dereferencing issue when sdiszoned is call...
Linux Distros Unpatched Vulnerability : CVE-2026-43246
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: i2c/tw9906: Fix potential memory leak in tw9906probe In one of the error paths in tw9906probe, the memory allocated in v4l2ctrlhandlerinit and...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix WARNON in iommu probe path Commit 1a75cc710b95 "iommu/vt-d: Use rbtree to track iommu probed devices" adds all devices probed by the iommu driver in a rbtree indexed by the source ID of each device. It assumes tha...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011097)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011097 advisory. In the Linux kernel, the following vulnerability has been resolved: r6040: Fix kmemleak in probe and remove There is a memory leaks reported by kmemleak: unreferenc...
CVE-2026-23087
In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsibackremove Memory allocated for struct vscsiblkinfo in scsibackprobe is not freed in scsibackremove leading to potential memory leaks on remove, as well as in the scsibackprob...
CVE-2026-23068
In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...
SUSE CVE-2022-50725
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtvbridgedvbinit KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvbdmxdevrelease+0x4d5/0x5d0 dvbcore Call Trace: ... dvbdmxdevrelease+0x4d5/0x5d0 dvbcore...
CVE-2023-54109
In the Linux kernel, the following vulnerability has been resolved: media: rcarfdp1: Fix refcount leak in probe and remove function rcarfcpget take reference, which should be balanced with rcarfcpput. Add missing rcarfcpput in fdp1remove and the error paths of fdp1probe to fix this. hverkuil:...
CVE-2023-54109
In the Linux kernel, the following vulnerability has been resolved: media: rcarfdp1: Fix refcount leak in probe and remove function rcarfcpget take reference, which should be balanced with rcarfcpput. Add missing rcarfcpput in fdp1remove and the error paths of fdp1probe to fix this. hverkuil:...
CVE-2025-68172 crypto: aspeed - fix double free caused by devm
In the Linux kernel, the following vulnerability has been resolved: crypto: aspeed - fix double free caused by devm The clock obtained via devmclkgetenabled is automatically managed by devres and will be disabled and freed on driver detach. Manually calling clkdisableunprepare in error path and...
EUVD-2022-55388
Malicious code in bioql PyPI...
PT-2025-38340
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak was identified in the mt8183 mt6358 ts3a227 max98357 dev probe function within the ASoC ALSA on System-on-Chip subsystem for MediaTek mt8183 platforms. The issue...
CVE-2022-50357
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3getproperties function calls: dwc-usbpsy = powersupplygetbynameusbpsyname; so there is some additional clean up required on these error paths...
UBUNTU-CVE-2022-50326
In the Linux kernel, the following vulnerability has been resolved: media: airspy: fix memory leak in airspy probe The commit ca9dc8d06ab6 "media: airspy: respect the DMA coherency rules" moves variable buf from stack to heap, however, it only frees buf in the error handling code, missing...
SUSE CVE-2025-38423
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd9375: Fix double free of regulator supplies Driver gets regulator supplies in probe path with devmregulatorbulkget, so should not call regulatorbulkfree in error and remove paths to avoid double free...
PT-2025-33574
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw where the indio dev-dev structure is used before initialization in various probe functions. This can lead to a kernel panic when functions like devm...
DEBIAN-CVE-2025-37971
In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2dev Commit 42a2f6664e18 "staging: vc04services: Move global gstate to vchiqstate" changed mmalinit to pass dev-v4l2dev.dev to vchiqmmalinit, however nothing iniitialised dev-v4l2dev,...
SUSE CVE-2025-37805
In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancelsync warnings on uninitialized workstructs Betty reported hitting the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 ... 8.713282 T221 Call trace: 8.713365 T221...
SUSE CVE-2025-38240
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: drmerr = deverr in HPD path to avoid NULL ptr The function mtkdpwaithpdasserted may be called before the mtkdp-drmdev pointer is assigned in mtkdpbridgeattach. Specifically it can be called via this callpath: -...