12 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fixed a possible memory leak if deviceadd fails. If deviceadd returns an error, the name allocated by devsetname needs to be freed. As noted in the comments for deviceadd, putdevice should be used to reduce the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013864)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013864 advisory. In the Linux kernel, the following vulnerability has been resolved: coresight: syscfg: Fix memleak on registration failure in cscfgcreatedevice deviceregister calls...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010897)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010897 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...
SUSE CVE-2022-50672
In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while deviceregister fails If deviceregister fails, it has two issues: 1. The name allocated by devsetname is leaked. 2. The parent of device is not NULL, deviceunregister is called in...
CVE-2022-50481 cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
In the Linux kernel, the following vulnerability has been resolved: cxl: fix possible null-ptr-deref in cxlguestinitafu|adapter If deviceregister fails in cxlregisterafu|adapter, the device is not added, deviceunregister can not be called in the error path, otherwise it will cause a null-ptr-dere...
EUVD-2022-55613
Malicious code in bioql PyPI...
CVE-2022-50349
In the Linux kernel, the following vulnerability has been resolved: misc: tifm: fix possible memory leak in tifm7xx1switchmedia If deviceregister returns error in tifm7xx1switchmedia, name of kobject which is allocated in devsetname called in deviceadd is leaked. Never directly free @dev after...
CVE-2022-50349
The connected advisories for CVE-2022-50349 describe a Linux kernel memory-leak fix in tifm: tifm_7xx1_switch_media. If device_register() fails, the kobject name allocated in dev_set_name() during device_add() is leaked. The recommended remediation is not to free @dev after device_register(), and...
SUSE CVE-2022-49915
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDNregisterdevice Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, add putdevice to give up the reference, so...
UBUNTU-CVE-2022-49780
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fix possible name leak in tcmloopsetuphbabus If deviceregister fails in tcmloopsetuphbabus, the name allocated by devsetname need be freed. As comment of deviceregister says, it should use putdevice to give...
CVE-2022-49818 mISDN: fix misuse of put_device() in mISDN_register_device()
In the Linux kernel, the following vulnerability has been resolved: mISDN: fix misuse of putdevice in mISDNregisterdevice We should not release reference by putdevice before calling deviceinitialize...
CVE-2022-49354
CVE-2022-49354 is a Linux kernel issue where a refcount leak in octeon_pata_OCTEON code was fixed. The vulnerability stems from refcount handling in pata_octeon_cf during octeon_cf_probe and in the usage of of_find_device_by_node() which took a reference but was not released with put_device(). Th...