Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fixed an error in handling chameleonparsegdd If mcbdeviceregister returns an error in chameleonparsegdd, the reference count of the bus and device names is exposed. This issue is addressed by calling putdevice to...

EUVD-2026-27752

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...

PT-2026-37532

In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dm put device when failing to get scsi dh name When commit fd81bc5cca8f "scsi: device handler: Return error pointer in scsi dh attached handler name" added code to fail parsing the path if scsi dh attached...

EUVD-2026-26510

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013567)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013567 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfcgetdevice take reference for the device, add missing...

EUVD-2026-18673

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

CVE-2026-23434

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

UBUNTU-CVE-2026-23434

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

CVE-2026-23434

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...

PT-2026-30129

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nand lock and nand unlock call into chip-ops.lock area/unlock area without holding the NAND device lock. On controllers that implement SET FEATURES via multiple...

CVE-2026-23192

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use devput in callers to prevent UAF After linkwatchdodev calls devput to release the linkwatch reference, the device refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees an empt...

EUVD-2022-55864

In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfcgetdevice take reference for the device, add missing nfcputdevice to release it when not need anymore. Also fix the style warnning by use error EOPNOTSUPP instead of ENOTSUPP...

CVE-2022-50777 net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe

In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmiiprobe ofphyfinddevice return device node with refcount incremented. Call putdevice to relese it when not needed anymore...

CVE-2022-50566 mtd: Fix device name leak when register device failed in add_mtd_device()

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in addmtddevice There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 size 8: comm "insmod", pid 3922, jiffies 4295277753 age 925.408s hex du...

CVE-2022-50522

The CVE-2022-50522 entry corresponds to a Linux kernel issue in mcb-parse (chameleon_parse_gdd). When mcb_device_register() returns an error, the refcount for the bus and device name is leaked. The fix adds a put_device() to relinquish the reference so resources can be released during mcb_release...

CVE-2022-50474 macintosh: fix possible memory leak in macio_add_one_device()

In the Linux kernel, the following vulnerability has been resolved: macintosh: fix possible memory leak in macioaddonedevice Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically. It needs to be freed when ofdeviceregist...

PT-2025-40147

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak could occur during module exit in the MIPS virtual processor environment vpe-mt. After a specific commit 1fa5ae857bb1, device names are dynamically allocated and require...

PT-2025-38012

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw within the rapidio subsystem where a name leak can occur when the rio add device function fails. Specifically, if rio add device returns an error, the...

kernel: mmc: sdio: fix possible resource leaks in some error paths

In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdioaddfunc or sdioinitfunc fails, sdioremovefunc can not release the resources, because the sdio function is not presented in these two cases, it won't call ofnodeput...

SUSE CVE-2023-52795

In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix use after free in vhostvdpaprobe The putdevice calls vhostvdpareleasedev which calls idasimpleremove and frees "v". So this call to idasimpleremove is a use after free and a double free...