295 matches found
CVE-2023-52652 NTB: fix possible name leak in ntb_register_device()
In the Linux kernel, the following vulnerability has been resolved: NTB: fix possible name leak in ntbregisterdevice If deviceregister fails in ntbregisterdevice, the device name allocated by devsetname should be freed. As per the comment in deviceregister, callers should use putdevice to give up...
UBUNTU-CVE-2021-47195
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the addlock mutex Commit 6098475d4cb4 "spi: Fix deadlock when adding SPI controllers on SPI buses" introduced a per-controller mutex. But mutexunlock of said lock is called after the controller is alrea...
SUSE CVE-2019-25162
In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the putdevice down a bit to avoid the use after free. wsa: added comment to the code, added Fixes tag...
kernel: thermal: core: call put_device() only after device_register() fails
In the Linux kernel, the following vulnerability has been resolved: thermal: core: call putdevice only after deviceregister fails putdevice shouldn't be called before a prior call to deviceregister. thermalcoolingdeviceregister doesn't follow that properly and needs fixing. Also...
kernel: mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2()
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fix PCI device refcount leak in mt7915pciinithif2 As comment of pcigetdevice says, it returns a pcidevice with its refcount increased. We need to call pcidevput to decrease the refcount. Save the return value of...
kernel: gpiolib: fix memory leak in gpiochip_setup_dev()
In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix memory leak in gpiochipsetupdev Here is a backtrace report about memory leak detected in gpiochipsetupdev: unreferenced object 0xffff88810b406400 size 512: comm "python3", pid 1682, jiffies 4295346908 age 24.090s...
kernel: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in sndac97devregister If deviceregister fails in sndac97devregister, it should call putdevice to give up reference, or the name allocated in devsetname is leaked...
kernel: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in sndac97devregister If deviceregister fails in sndac97devregister, it should call putdevice to give up reference, or the name allocated in devsetname is leaked...
PT-2023-34995 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.9 Description: The issue is related to a call to put device before device register fails, which may have potential security implications. The actual impact and attack plausibility have not yet been proven...
PT-2023-33886 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a missing put device in mport cdev open, which may potentially lead to security vulnerabilities. The actual impact and attack plausibility have not yet been proven...
kernel: usb: usbip: fix a refcount leak in stub_probe()
In the Linux kernel, the following vulnerability has been resolved: usb: usbip: fix a refcount leak in stubprobe usbgetdev is called in stubdevicealloc. When stubprobe fails after that, usbputdev needs to be called to release the reference. Fix this by moving usbputdev to sdevfree error path...
kernel: ptp: Fix possible memory leak in ptp_clock_register()
In the Linux kernel, the following vulnerability has been resolved: ptp: Fix possible memory leak in ptpclockregister I got memory leak as follows when doing fault injection test: unreferenced object 0xffff88800906c618 size 8: comm "i2c-idt82p33931", pid 4421, jiffies 4294948083 age 13.188s hex...
PT-2025-53925
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the FSI file system interface component, specifically related to the occ functionality. The issue occurs because the device could ...
DEBIAN-CVE-2019-12819
An issue was discovered in the Linux kernel before 5.0. The function mdiobusregister in drivers/net/phy/mdiobus.c calls putdevice, which will trigger a fixedmdiobusinit use-after-free. This will cause a denial of service...
Linux kernel memory misreference vulnerability (CNVD-2019-38524)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A fixedmdiobusinit memory misreference vulnerability exists in Linux kernel versions prior to 5.0. The vulnerability...