Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Rapidio: fixed a possible UAF Use-after-Allocation when kfifoalloc fails. If kfifoalloc fails in mportcdevopen, it jumps to errfifo and simply frees priv. However, priv is still in chdev-filelist, and traversing the list may lead...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: rapidio: fixed possible name leaks when rioadddevice fails. The patch series is titled “rapidio: fix three possible memory leaks”. This patchset addresses three name leaks during error handling. – Patch 1 fixes two name leaks...

SUSE CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

CVE-2026-43295

A flaw was found in the Linux kernel's rapidio subsystem. When memory allocation for idtab fails within the rioscanallocnet function, the network object is not correctly freed, resulting in a dangling pointer. This improper memory management could lead to system instability or a denial of service...

EUVD-2026-28565

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

UBUNTU-CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

CVE-2026-43295

The CVE-2026-43295 entry concerns the Linux kernel rapidio subsystem. A memory-management bug in rio_scan_alloc_net() uses rio_free_net() instead of kfree() when idtab allocation fails, leaving the net object potentially unreleased. The fix replaces rio_free_net() with kfree(net) and sets mport-&...

CVE-2026-43295

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

CVE-2026-43295 rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()

In the Linux kernel, the following vulnerability has been resolved: rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to release the memory. Set mport-net to NULL to avoid dangling pointer...

Linux Distros Unpatched Vulnerability : CVE-2026-43295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rapidio: replace riofreenet with kfree in rioscanallocnet When idtab allocation fails, net is not registered with rioaddnet yet, so kfreenet is sufficient to...

PT-2026-38937

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rio scan alloc net function where rio free net was used instead of kfree during a failure in idtab allocation. Because the net is not yet registered with rio add n...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fixed the issue where putdevice was missing in mportcdevopen. When kfifoalloc fails, the reference count of chdev-dev remains incremented. We should use putdevice&chdev-dev to decrement the reference count of...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the name allocated by devsetname need be freed. It should use putdevice to give up the reference in the error path, so that the name can be...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013551)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013551 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013539 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the nam...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011082)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011082 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: fix possible name leak in rioregistermport If deviceregister returns error, the nam...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010897)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010897 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007626)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007626 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible UAF when kfifoalloc fails If kfifoalloc fails in mportcdevopen, goto errfif...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005530)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005530 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND -...