CVE-2025-10865

CVE-2025-10865 affects the Imagination Graphics DDK (GPU driver) where DevmemIntGetReservationData does not properly ref the PMR, leading to improper reference counting and a potential use-after-free vulnerability. The issue is described as arising when unprivileged users run GPU system calls, wi...

CVE-2025-58411

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentia...

CVE-2025-58411 GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentia...

CVE-2025-58411 GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentia...

CVE-2025-68801

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbour use-after-free We sometimes observe use-after-free when dereferencing a neighbour 1. The problem seems to be that the driver stores a pointer to the neighbour, but without holding a reference ...

CVE-2025-68801

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbour use-after-free We sometimes observe use-after-free when dereferencing a neighbour 1. The problem seems to be that the driver stores a pointer to the neighbour, but without holding a reference ...

CVE-2025-68774

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix missing hfsbnodeget in hfsbnodecreate When sync and link are called concurrently, both threads may enter hfsbnodefind without finding the node in the hash table and proceed to create it. Thread A: hfspluswriteinode -...

CVE-2025-68801 mlxsw: spectrum_router: Fix neighbour use-after-free

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbour use-after-free We sometimes observe use-after-free when dereferencing a neighbour 1. The problem seems to be that the driver stores a pointer to the neighbour, but without holding a reference ...

CVE-2025-68801 mlxsw: spectrum_router: Fix neighbour use-after-free

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbour use-after-free We sometimes observe use-after-free when dereferencing a neighbour 1. The problem seems to be that the driver stores a pointer to the neighbour, but without holding a reference ...

CVE-2025-68801

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumrouter: Fix neighbour use-after-free We sometimes observe use-after-free when dereferencing a neighbour 1. The problem seems to be that the driver stores a pointer to the neighbour, but without holding a reference ...

PT-2026-2434

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present...

PT-2026-2472

Name of the Vulnerable Software and Affected Versions Software affected versions not specified Description Software installed and run as a non-privileged user may conduct improper GPU system calls, leading to mismanagement of resources reference counting and a potential use after free scenario...

PT-2026-20450

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The EROFS filesystem may experience a use-after-free UAF condition when a file-backed mount with the directio option is enabled. This can lead to a system panic. The issue arises from a...

SUSE CVE-2022-50823

In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra114clockinit offindmatchingnode returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

SUSE CVE-2022-50874

In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Fix refcount leak in erdmammap rdmausermmapentryget take reference, we should release it when not need anymore, add the missing rdmausermmapentryput in the error path to fix it...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993292)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993292 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: maps: Fix refcount leak in offlashprobeversatile offindmatchingnodeandmatch returns a node...

CVE-2022-50855

In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In 0, we added the ability to bpfprogattach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPFLSMCGROUP, we return too early if...

CVE-2022-50868 hwrng: amd - Fix PCI device refcount leak

In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...

CVE-2022-50785 fsi: occ: Prevent use after free

In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use getdevice and putdevice in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock around the freeing of the device buffer and check...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992316)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992316 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Have traceeventfile have ref counters The following can crash the kernel: cd...