PT-2026-6161

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a reference to a 'th' device is leaked during output device open operations, both on errors and when closing the device. A prior commit addressed...

EUVD-2022-55739

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siwqpdestroy call, so...

DEBIAN-CVE-2022-50666

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siwqpdestroy call, so...

UBUNTU-CVE-2025-40316

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix device use-after-free on unbind A recent change fixed device reference leaks when looking up drm platform device driver data during bind but failed to remove a partial fix which had been added by commit...

CVE-2025-40316 drm/mediatek: Fix device use-after-free on unbind

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix device use-after-free on unbind A recent change fixed device reference leaks when looking up drm platform device driver data during bind but failed to remove a partial fix which had been added by commit...

CVE-2025-40316

CVE-2025-40316 concerns a Linux kernel drm/mediatek issue where a reference imbalance can cause a use-after-free on device bind/unbind. The initial description notes a fix that reverts a partial earlier patch and ensures references are dropped after retrieving driver data, preventing reference le...

CVE-2025-40194 cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request()

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in updateqosrequest takes place too early because the latter subsequently calls freqqosupdaterequest that indirectly accesses the policy...

EUVD-2025-11214

Malicious code in bioql PyPI...

SUSE CVE-2025-22071

In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak in spufscreatecontext Leak fixes back in 2008 missed one case - if we are trying to set affinity and spufsmkdir fails, we need to drop the reference to neighbor...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42152)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42152 advisory. - In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy ...

CVE-2025-21683

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SOATTACHREUSEPORTEBPF set before it was ESTABLISHED. In other...

CVE-2025-21683 bpf: Fix bpf_sk_select_reuseport() memory leak

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SOATTACHREUSEPORTEBPF set before it was ESTABLISHED. In other...

PT-2026-5512

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A device leak exists in the dmaengine subsystem, specifically within the stm32 dmamux component, during route allocation. The issue stems from failing to release a reference to the DMA m...

PT-2026-5511

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A device leak exists in the dma-crossbar driver on the am335x platform during route allocation. The issue occurs because a reference to the crossbar platform device is not dropped when...

UBUNTU-CVE-2024-56749

In the Linux kernel, the following vulnerability has been resolved: dlm: fix dlmrecovermembers refcount on error If dlmrecovermembers fails we don't drop the references of the previous created rootlist that holds and keep all rsbs alive during the recovery. It might be not an unlikely event becau...

UBUNTU-CVE-2024-42152

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...

CVE-2024-42152 nvmet: fix a possible leak when destroy a ctrl during qp establishment

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...

CVE-2024-42152 nvmet: fix a possible leak when destroy a ctrl during qp establishment

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a possible leak when destroy a ctrl during qp establishment In nvmetsqdestroy we capture sq-ctrl early and if it is non-NULL we know that a ctrl was allocated in the admin connect request handler and we need to release...

DEBIAN-CVE-2024-26750

In the Linux kernel, the following vulnerability has been resolved: afunix: Drop oobskb ref before purging queue in GC. syzbot reported another task hung in unixgc. 0 The current while loop assumes that all of the left candidates have oobskb and calling kfreeskboobskb releases the remaining...

CVE-2024-26750

CVE-2024-26750 affects the Linux kernel. The vulnerability was in af_unix garbage collection: a self-referencing oob_skb/FD scenario could cause __unix_gc() to hang due to a loop that fails to purge inflight sockets. The fix drops the oob_skb reference before purging the queue, allowing __skb_que...