Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevents deadlock by changing j1939sockslock to rwlock. The following 3 locks may race against each other, causing a deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...

CVE-2025-10865 GPU DDK - DevmemIntGetReservationData does not ref the PMR it returns

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present...

EUVD-2025-19742

Malicious code in bioql PyPI...

Mageia: Security Advisory (MGASA-2025-0214)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-52886

Poppler is a PDF rendering library. Versions prior to 25.06.0 use std::atomicint for reference counting. Because std::atomicint is only 32 bits, it is possible to overflow the reference count and trigger a use-after-free. Version 25.06.0 patches the issue...

PT-2025-27644 · Poppler +3 · Poppler +3

Name of the Vulnerable Software and Affected Versions: Poppler versions prior to 25.06.0 Description: The issue is related to the use of std::atomic int for reference counting in the Poppler PDF rendering library. Since std::atomic int is only 32 bits, it is possible to overflow the reference...

SUSE-SU-2025:1026-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...

CVE-2022-49212

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmelnandcontrollerinit The reference counting issue happens in several error handling paths on a refcounted object "nc-dmac". In these paths, the function simply returns the error code,...

CVE-2022-49287

In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpmchip The following sequence of operations results in a refcount warning: 1. Open device /dev/tpmrm. 2. Remove module tpmtisspi. 3. Write a TPM command to the file descriptor opened at ste...

CVE-2022-49212 mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmelnandcontrollerinit The reference counting issue happens in several error handling paths on a refcounted object "nc-dmac". In these paths, the function simply returns the error code,...

SUSE-SU-2025:0239-1 Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059164 fixes several issues. The following security issues were fixed: - CVE-2024-36971: Fixed dstnegativeadvice race bsc1226324. - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2022-48956...

CVE-2024-56645

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...

SUSE-SU-2023:4058-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-39192: Fixed an out of bounds read in the netfilter bsc1215858. - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem bsc1215860. -...

PT-2025-13327

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the drm/i915 component. The issue concerned broken reference counting around the request object when GuC support was add...

PT-2024-11071 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free vulnerability has been resolved in the Linux kernel. The issue occurs when the devres list is torn down during spi unregister controller, causing devices registered wi...

Rust Resource Management Error Vulnerability (CNVD-2021-39556)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust pyo3 crate versions prior to 0.12.4, which stems from a reference counting error and post-release usage in From . No details of the vulnerability are...