4763 matches found
CVE-2026-64170
In the Linux kernel, the following vulnerability has been resolved: spi: qup: fix error pointer deref after DMA setup failure The driver falls back to PIO mode if DMA setup fails during probe. Make sure to the clear the DMA channel pointers on setup failure to avoid dereferencing an error pointer...
CVE-2026-64161
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssm-prueth: fix ethportsnode leak in probe The error path on ofpropertyreadu32 failure inside icssmpruethprobe returns without putting ethportsnode, which was acquired before the foreachchildofnode loop. Drop it before...
CVE-2026-64071
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix use-after-free in nvmefreehostmem nvmefreehostmem frees dev-hmbsgt via dmafreenoncontiguous but never clears the pointer afterward. This leads to a use-after-free if nvmefreehostmem is called twice in the same error...
CVE-2026-64170 spi: qup: fix error pointer deref after DMA setup failure
In the Linux kernel, the following vulnerability has been resolved: spi: qup: fix error pointer deref after DMA setup failure The driver falls back to PIO mode if DMA setup fails during probe. Make sure to the clear the DMA channel pointers on setup failure to avoid dereferencing an error pointer...
CVE-2026-64169 spi: ep93xx: fix error pointer deref after DMA setup failure
In the Linux kernel, the following vulnerability has been resolved: spi: ep93xx: fix error pointer deref after DMA setup failure The driver falls back to PIO mode if DMA setup fails during probe. Make sure to the clear the DMA channel pointers on setup failure to avoid dereferencing an error...
EUVD-2026-45854
In the Linux kernel, the following vulnerability has been resolved: spi: ep93xx: fix error pointer deref after DMA setup failure The driver falls back to PIO mode if DMA setup fails during probe. Make sure to the clear the DMA channel pointers on setup failure to avoid dereferencing an error...
EUVD-2026-45855
In the Linux kernel, the following vulnerability has been resolved: spi: qup: fix error pointer deref after DMA setup failure The driver falls back to PIO mode if DMA setup fails during probe. Make sure to the clear the DMA channel pointers on setup failure to avoid dereferencing an error pointer...
CVE-2026-64168
The CVE-2026-64168 entry describes a Linux kernel SPI driver issue (spi: sprd) where a DMA setup failure could lead to a dereferenced error pointer or double-release of DMA channels. The fix makes the driver fall back to PIO on DMA setup failure and adds a check of the dma.enabled flag before rel...
CVE-2026-64168
In the Linux kernel, the following vulnerability has been resolved: spi: sprd: fix error pointer deref after DMA setup failure The driver falls back to PIO mode if DMA setup fails during probe. Make sure to check the dma.enabled flag before trying to release the DMA channels also on late probe...
EUVD-2026-45853
In the Linux kernel, the following vulnerability has been resolved: spi: sprd: fix error pointer deref after DMA setup failure The driver falls back to PIO mode if DMA setup fails during probe. Make sure to check the dma.enabled flag before trying to release the DMA channels also on late probe...
CVE-2026-64161
CVE-2026-64161 concerns the Linux kernel: a leak of the early-allocated eth_ports_node in the net: ti: icssm-prueth driver during icssm_prueth_probe() when of_property_read_u32() fails. The error path returns without releasing eth_ports_node, which was acquired before iterating children, and the ...
CVE-2026-64161 net: ti: icssm-prueth: fix eth_ports_node leak in probe
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssm-prueth: fix ethportsnode leak in probe The error path on ofpropertyreadu32 failure inside icssmpruethprobe returns without putting ethportsnode, which was acquired before the foreachchildofnode loop. Drop it before...
CVE-2026-64161
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssm-prueth: fix ethportsnode leak in probe The error path on ofpropertyreadu32 failure inside icssmpruethprobe returns without putting ethportsnode, which was acquired before the foreachchildofnode loop. Drop it before...
CVE-2026-64071
The CVE-2026-64071 issue is a use-after-free in the Linux kernel nvme-pci path. In nvme_free_host_mem(), dev->hmb_sgt is freed via dma_free_noncontiguous() but the pointer is not cleared, so a second call in the nvme_probe() error path (nvme_setup_host_mem() succeeds, nvme_set_host_mem() fails...
EUVD-2026-45545
In the Linux kernel, the following vulnerability has been resolved: spi: mtk-snfi: unregister ECC engine on probe failure and remove callback mtksnandprobe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup action aft...
CVE-2026-63907 uio: uio_pci_generic_sva: fix double free of devm_kzalloc() memory
In the Linux kernel, the following vulnerability has been resolved: uio: uiopcigenericsva: fix double free of devmkzalloc memory uiopcisva allocates struct uiopcisvadev with devmkzalloc in probe, but then calls kfreeudev both on the probe error path label outfree and again in remove. Because...
CVE-2026-63906
CVE-2026-63906 concerns the Linux kernel USB MUSB driver for omap2430. The bug is a use-after-free in omap2430_probe caused by premature of_node_put(np); the reference count may drop to zero before the last access. The fix moves the of_node_put() calls to after the last use of np in both success ...
CVE-2026-63861 spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback
In the Linux kernel, the following vulnerability has been resolved: spi: mtk-snfi: unregister ECC engine on probe failure and remove callback mtksnandprobe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup action aft...
CVE-2026-63861
The CVE covers a Linux kernel SPI subsystem issue: the mtk-snfi (on-host NAND ECC) engine registered during mtk_snand_probe() lacked proper teardown on probe unwind and remove-time cleanup. The fix introduces a devm cleanup action so nand_ecc_unregister_on_host_hw_engine() is automatically invoke...
CVE-2026-63797
In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix use-after-free on probe error path rpmsgchrdevprobe stores the newly allocated eptdev in the default endpoint's priv pointer before calling rpmsgchrdeveptdevadd. If rpmsgchrdeveptdevadd then fails, its error path...