292 matches found
EUVD-2026-32265
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
CVE-2026-45981
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
CVE-2026-45981
In CVE-2026-45981, the Linux kernel s390/cio path css_alloc_subchannel() calls device_initialize() before configuring DMA masks. If dma_set_coherent_mask() or dma_set_mask() fails, the error path frees the subchannel directly, bypassing the device model reference counting. After device_initialize...
CVE-2026-45981 s390/cio: Fix device lifecycle handling in css_alloc_subchannel()
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
PT-2026-43848
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in css alloc subchannel css alloc subchannel calls device initialize before setting up the DMA masks. If dma set coherent mask or dma set mask fails, the error path frees the subchannel...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Thermal: Core – The putdevice function should only be called after deviceregister fails. putdevice should not be called before a previous call to deviceregister. thermalcoolingdeviceregister does not follow this principle...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fixed a double-free in sndac97controllerregister If ac97addadapter fails, putdevice is the correct way to release the device reference. kfree is not required. Add kfree if idralloc fails, and also in ac97adapterreleas...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ptp: A possible memory leak has been fixed in ptpclockregister. I encountered a memory leak during the fault injection test as follows: Unreferenced object: 0xffff88800906c618 size 8 Command: comm "i2c-idt82p33931", PID: 4421,...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fixed a possible memory leak when the module exits. After committing 1fa5ae857bb1 “driver core: removed the struct device’s busid string array”, the name of the device is allocated dynamically. This allocation needs...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: nfc: Fixed potential resource leaks nfcgetdevice now takes a reference to the device and adds it; nfcputdevice is added to release it when no longer needed. Additionally, the warning message was corrected by using the error co...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fixed an error in handling chameleonparsegdd If mcbdeviceregister returns an error in chameleonparsegdd, the reference count of the bus and device names is exposed. This issue is addressed by calling putdevice to...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Rapidio: Fixed an API misuse when rioaddnet fails. rioaddnet calls deviceregister, and it fails if deviceregister does. Therefore, putdevice should be used instead of kfree. Also, add "mport-net = NULL;" to avoid a...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: mailbox: zynq-ipi: fixed error handling when deviceregister fails When deviceregister fails, there are two issues: 1. The name allocated by devsetname is leaked. 2. The parent of the device is not NULL; deviceunregister is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: vdpasim: Fixed a possible memory leak in vdpasimnetinit and vdpasimblkinit. When a fault is injected while probing a module, if deviceregister fails in vdpasimnetinit or vdpasimblkinit, but the refcount of kobject is not...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: cxl: A possible null-ptr-deref issue has been fixed in cxlpciinitafu|adapter. If deviceregister fails in cxlpciafu|adapter, the device is not added. In this case, deviceunregister cannot be called during the error path. This coul...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: coresight: syscfg: Fixed a memory leak that occurred during registration failures in cscfgcreatedevice. deviceregister calls deviceinitialize. According to the documentation for deviceinitialize: “Use putdevice to release the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021549)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021549 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in sndac97devregister If deviceregister fails in...
SUSE CVE-2025-71272
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
EUVD-2025-209672
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
CVE-2025-71272
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...