21831 matches found
CVE-2026-43270
In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtkmdpremove In mtkmdpprobe, vpugetplatdevice increases the reference count of the returned platform device. Add platformdeviceput to prevent reference leak...
CVE-2026-43270
The CVE-2026-43270 issue affects the Linux kernel media: mtk-mdp module. In mtk_mdp_probe(), vpu_get_plat_device() increases the platform device reference count and is not consistently released in mtk_mdp_remove(), creating a reference-leak vulnerability. Red Hat and Debian OS/tracking entries co...
CVE-2026-43270 media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove()
In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtkmdpremove In mtkmdpprobe, vpugetplatdevice increases the reference count of the returned platform device. Add platformdeviceput to prevent reference leak...
CVE-2026-43270
In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtkmdpremove In mtkmdpprobe, vpugetplatdevice increases the reference count of the returned platform device. Add platformdeviceput to prevent reference leak...
CVE-2026-43263
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts happens and structures for decoder are removed. "struct vpuinstance" this structure is shared for all...
CVE-2026-43264
In the Linux kernel, the following vulnerability has been resolved: fbdev: of: displaytiming: fix refcount leak in ofgetdisplaytimings ofparsephandle returns a devicenode with refcount incremented, which is stored in 'entry' and then copied to 'nativemode'. When the error paths at lines 184 or 19...
CVE-2026-43237
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpugemvaioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpugemvaioctl function, key updates include: - Moved the logic for managing the last update fence...
CVE-2026-43207
The vulnerability CVE-2026-43207 affects the Linux kernel mtk-mdp media driver. Root cause: improper error handling in the probe function can cause resource leaks; a missing check for vpu_get_plat_device() may dereference a NULL and the function increases the platform device reference count, risk...
CVE-2026-43192
The provided sources describe CVE-2026-43192 as a Linux kernel issue in the device-mapper multipath (dm mpath) subsystem. A missing cleanup (dm_put_device) when failing to retrieve the SCSI handler name during path parsing (scsi_dh_attached_handler_name) could leak references to the path device. ...
CVE-2026-43193
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4file refcount leak in nfsdgetdirdeleg Claude pointed out that there is a nfs4file refcount leak in nfsdgetdirdeleg. Ensure that the reference to "fp" is released before returning...
CVE-2026-43177
In the Linux kernel ipu6 driver, CVE-2026-43177 is due to a runtime PM reference leak in probe error paths of the ipu6_pci_probe() routine. Several error paths jumped to cleanup without releasing the runtime PM reference, risking resource exhaustion and potential DoS. The published fixes add a pm...
CVE-2026-43177 media: ipu6: Fix RPM reference leak in probe error paths
In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6pciprobe were jumping directly to outipu6busdeldevices without releasing the runtime PM reference. Add pmruntimeputsync before cleaning up other...
CVE-2026-43177
In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6pciprobe were jumping directly to outipu6busdeldevices without releasing the runtime PM reference. Add pmruntimeputsync before cleaning up other...
CVE-2026-43174 io_uring/zcrx: fix post open error handling
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do the work instead of releasing the zcrx ctx directly...
CVE-2026-43165
CVE-2026-43165 corresponds to a Linux kernel hwmon issue in the nct7363 driver where of_parse_phandle_with_args() references were not released with of_node_put(), causing a resource leak in nct7363_present_pwm_fanin. The connected OSV entries indicate patches in rootio-linux for various Ubuntu/De...
CVE-2026-43154 erofs: fix incorrect early exits in volume label handling
In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorrect early returns, leading to folio reference leaks. However, this does not cause system crashes or...
CVE-2026-43154
The CVE-2026-43154 issue affects the Linux kernel EROFS filesystem, where crafted EROFS images with valid volume labels trigger incorrect early exits in volume label handling, leading to folio reference leaks. Affected component is the EROFS implementation in the kernel; root cause is improper co...
CVE-2026-43121 io_uring/zcrx: fix user_ref race between scrub and refill paths
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...
CVE-2026-43090
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrmmigratepolicyfind syzkaller reported a memory leak in xfrmpolicyalloc: BUG: memory leak unreferenced object 0xffff888114d79000 size 1024: comm "syz.1.17", pid 931 ... xfrmpolicyalloc+0xb3/0x4b0...
RHSA-2026:13888 Red Hat Security Advisory: sudo security update
Bulletin has no description...