CVE-2026-23015

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

CVE-2026-23015 gpio: mpsse: fix reference leak in gpio_mpsse_probe() error paths

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

CVE-2026-23015 gpio: mpsse: fix reference leak in gpio_mpsse_probe() error paths

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

Linux Kernel Security Vulnerabilities

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a reference leak in the wrong path of the gpiompsseprobe function...

Linux Distros Unpatched Vulnerability : CVE-2026-23030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phy: rockchip: inno-usb2: Fix a double free bug in rockchipusb2phyprobe The foreachavailablechildofnode calls ofnodeput to release childnp in each success loop...

PT-2026-5513

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures e.g. probe deferral...

PT-2026-5518

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpio mpsse probe error paths The reference obtained by calling usb get dev is not released in the gpio mpsse probe error paths. Fix that by using device managed helper functions. Also remove the...

ROS-20260128-73-0007

A vulnerability in the ishprobe function of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2026-24117

A Server-Side Request Forgery SSRF flaw has been discovered in the Rekor transparency log tool. In versions 1.4.3 and below, attackers can trigger SSRF to arbitrary internal services because /api/v1/index/retrieve supports retrieving a public key via user-provided URL. Since the SSRF only can...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005016)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005016 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fix error handling in mmcspiprobe If mmcaddhost fails, it doesn't need to call...

kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability

A flaw was found in the Linux kernel's irqchip/gic-v2m component. This vulnerability allows a use-after-free condition via gicv2mgetfwnode being wrongly marked as init, causing it to be freed while still registered with the PCI Peripheral Component Interconnect subsystem during a PCI host bridge...

kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability

A flaw was found in the Linux kernel's irqchip/gic-v2m component. This vulnerability allows a use-after-free condition via gicv2mgetfwnode being wrongly marked as init, causing it to be freed while still registered with the PCI Peripheral Component Interconnect subsystem during a PCI host bridge...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004829)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004829 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: serial: jsm: fix some leaks in probe This error path needs to unwind instead of just...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004871 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails When scpi probe fails, at a...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004911)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004911 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8173: Fix refcount leak in mt8173rt5650rt5676devprobe ofparsephandle returns a...

CVE-2026-24117

Rekor is a software supply chain transparency log. In versions 1.4.3 and below, attackers can trigger SSRF to arbitrary internal services because /api/v1/index/retrieve supports retrieving a public key via user-provided URL. Since the SSRF only can trigger GET requests, the request cannot mutate...

Azure Linux 3.0 Security Update: kernel (CVE-2025-23148)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23148 advisory. - In the Linux kernel, the following vulnerability has been resolved: soc: samsung: exynos-chipid: Add NULL...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37972)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37972 advisory. - In the Linux kernel, the following vulnerability has been resolved: Input: mtk-pmic-keys - fix possible null...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37874)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37874 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbeprobe...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37786)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37786 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe...