162 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fixed the handling of device lifecycle in cssallocsubchannel. cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel...
SUSE CVE-2026-45981
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
CVE-2026-45981 s390/cio: Fix device lifecycle handling in css_alloc_subchannel()
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported a memory leak in the MDIO bus interface. The problem stemmed from incorrect state logic. The MDIOBUSALLOCATED state indicates two possible statuses: 1. The bus is only allocated. 2. The...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: net: hns: Fixed a possible memory leak in hnaeaeregister. When a fault is injected while probing a module, if deviceregister fails, but the refcount of the kobject is not decreased to 0, the name allocated in devsetname may be...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fixed a possible memory leak if deviceadd fails. If deviceadd returns an error, the name allocated by devsetname needs to be freed. As noted in the comments for deviceadd, putdevice should be used to release the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: fsl: Fixed a reference count leak in imxsgtl5000probe. The function offindi2cdevicebynode takes a reference; in error-prone paths, we should call putdevice to release that reference, thereby avoiding a reference...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/meson: The refcount leak in mesonencoderhdmiinit has been fixed. The offinddevicebynode function takes a reference; we should use putdevice to release it when it is no longer needed. Add the missing putdevice function in the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: mdp3: Fixed resource leaks in offinddevicebynode. Use putdevice to release the object obtained through offinddevicebynode, thereby avoiding resource leaks...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: mmc: sdio: fixed possible resource leaks in some error paths If sdioaddfunc or sdioinitfunc fails, sdioremovefunc cannot release the resources, because the sdio function is not called in these cases, and thus neither ofnodeput...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: solo6x10: fix possible memory leak in solosysfsinit If deviceregister returns an error in solosysfsinit, the name allocated by devsetname needs to be freed. As noted in the comments for deviceregister, it should use...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: mISDN: A possible memory leak in mISDNregisterdevice has been fixed. After committing 1fa5ae857bb1 "driver core: get rid of struct device’s busid string array", the name of the device is allocated dynamically. The putdevice...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: core – A possible memory leak occurs if deviceadd fails. If deviceadd returns an error, the name allocated by devsetname needs to be freed. As noted in the comments for deviceadd, putdevice should be used to reduce the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ata: pataocteoncf: Fixed a reference count leak in octeoncfprobe. The function offinddevicebynode takes a reference; we should use putdevice to release that reference when it is no longer needed. Added the missing putdevice call ...
CVE-2025-71272
In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in mostregisterinterface error paths The function mostregisterinterface did not correctly release resources if it failed early before registering the device. In these cases, it returned an error code...
CVE-2025-71272
The CVE-2025-71272 entry concerns a Linux kernel resource-leak in most_register_interface(). When initialization fails before device registration, memory for the interface could be leaked. The fix initializes the device early with device_initialize(), calls put_device() on all error paths, and sw...
PT-2026-36394
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the USB ULPI Ultra Low Power Interface component. When the device register function fails, ulpi register invokes put device on ulpi-dev. The device release...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013649)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013649 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmiiprobe ofphyfinddevice return device node...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013864 advisory. In the Linux kernel, the following vulnerability has been resolved: coresight: syscfg: Fix memleak on registration failure in cscfgcreatedevice deviceregister calls...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013551)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013551 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...