Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tty: A possible resource leak was fixed in icomprobe. When pcireadconfigdword failed, calls to pcireleaseregions and pcidisabledevice were made to reallocate the previously allocated resources...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: Base: Resources are freed when a device is unregistered. In the current code, the devresreleaseall function is only called if the device has a bus and has been probed. This leads to issues when using devices that lack a...

Linux Distros Unpatched Vulnerability : CVE-2026-46012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix memory leaks in rxkadverifyresponse Fix rxkadverifyresponse to free the ticket and the server key under all circumstances by initialising the ticket...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2dofillsuper. If jffs2iget or dmakeroot in jffs2dofillsuper returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

CVE-2026-43317

In the Linux kernel, the following vulnerability has been resolved: most: core: fix leak on early registration failure A recent commit fixed a resource leak on early registration failures but for some reason left out the first error path which still leaks the resources associated with the...

CVE-2022-50633

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3qcominterconnectinit oficcget alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3qcominterconnectexit function. Add iccput in error handlin...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990629 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988832)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988832 advisory. In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an...

bluetooth/l2cap: sync sock recv cb and release

...

UBUNTU-CVE-2023-53596

In the Linux kernel, the following vulnerability has been resolved: drivers: base: Free devm resources when unregistering a device In the current code, devresreleaseall only gets called if the device has a bus and has been probed. This leads to issues when using bus-less or driver-less devices...

CVE-2025-39695

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Flush delayed SKBs while releasing RXE resources When skb packets are sent out, these skb packets still depends on the rxe resources, for example, QP, sk, when these packets are destroyed. If these rxe resources are...

PT-2025-36289

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s RDMA/rxe subsystem related to the handling of SKB packets and RXE resources. Specifically, the issue occurs when skb packets are sent and still depe...

UBUNTU-CVE-2022-49277

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a64...

CLSA-2025-1739524909 Fix of 7 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-53104 - media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-url: https://ubuntu.com/security/CVE-2024-41020 - filelock: Fix fcntl/close race recovery compat path CVE-url: https://ubuntu.com/security/CVE-2024-43892 - memcg...

PT-2026-5517

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A device leak exists in the dmaengine subsystem, specifically within the at hdmac component and the of dma xlate function. The issue occurs because a reference to a DMA platform device i...

The vulnerability of the aiohttp HTTP client lies in the fact that resources are not released after their useful period has ended, allowing attackers to trigger service failures.

The vulnerability of the aiohttp HTTP client is related to the failure to release resources after their useful period has expired. Exploiting this vulnerability allows a remote attacker to cause service failures...

kernel: mmc: sdio: fix possible resource leaks in some error paths

In the Linux kernel, the following vulnerability has been resolved: mmc: sdio: fix possible resource leaks in some error paths If sdioaddfunc or sdioinitfunc fails, sdioremovefunc can not release the resources, because the sdio function is not presented in these two cases, it won't call ofnodeput...

CVE-2024-47688

In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in moduleadddriver Inject fault while probing of-fpga-region, if kasprintf fails in moduleadddriver, the second sysfsremovelink in exit path will cause null-ptr-deref as below because...

CVE-2022-48811

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in ibmvnicopen If ibmvnicopen encounters an error such as when setting link state, it calls releaseresources which frees the napi structures needlessly. Instead, have ibmvnicopen only clean up the work...

CVE-2022-48811

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in ibmvnicopen If ibmvnicopen encounters an error such as when setting link state, it calls releaseresources which frees the napi structures needlessly. Instead, have ibmvnicopen only clean up the work...