EUVD-2026-28701

In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xesyncentryparse can allocate references syncobj, fence, chain fence, or user fence before hitting a later failure path. Several of those paths returned directly,...

CVE-2026-23471

In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drmdevunplug When trying to do a rather aggressive test of igt's "xemoduleload --r reload" with a full desktop environment and game running I noticed a few...

CVE-2026-23426 drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse()

In the Linux kernel, the following vulnerability has been resolved: drm/logicvc: Fix device node reference leak in logicvcdrmconfigparse The logicvcdrmconfigparse function calls ofgetchildbyname to find the "layers" node but fails to release the reference, leading to a device node reference leak...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993199)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993199 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE c...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991165)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991165 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE c...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989667 advisory. In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDNregisterdevice Afer commit 1fa5ae857bb1 driver core: get...

SUSE CVE-2022-49939

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE can fail to increment the reference for a node. In this case, the target proc normally releases the failed reference upon close as...

CVE-2022-49939 binder: fix UAF of ref->proc caused by race condition

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE can fail to increment the reference for a node. In this case, the target proc normally releases the failed reference upon close as...

CVE-2022-49893

CVE-2022-49893 concerns a Linux kernel issue where the cxl/region leak occurs if a region is deleted. The fix ensures that, during unregister_region(), all targets previously assigned to the region are detached, so their references to the region drop and the region object is not leaked after sysf...

SUSE CVE-2024-56554

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

UBUNTU-CVE-2024-56554

In the Linux kernel, the following vulnerability has been resolved: binder: fix freeze UAF in binderreleasework When a binder reference is cleaned up, any freeze work queued in the associated process should also be removed. Otherwise, the reference is freed while its ref-freeze.work is still queu...

CVE-2024-56554

CVE-2024-56554: Linux kernel binder use-after-free due to freeze work left queued when cleaning up a binder reference. The issue occurs when a reference is freed while ref->freeze.work remains queued in the process workqueue, triggering KASAN slab-use-after-free in binder_release_work. A patch...