107 matches found
CVE-2023-53854 ASoC: mediatek: mt8186: Fix use-after-free in driver remove path
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...
CVE-2023-53854
The CVE CVE-2023-53854 concerns ASoC: mediatek mt8186 with a use-after-free in the driver remove path. The root cause was incorrect removal-time ordering of devm-managed resources in mt8186_init_clock(): the code registered clocks (mt8186_audsys_clk_register), allocated clock resources, then retr...
CVE-2023-53854
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...
SUSE CVE-2023-53758
In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove An early error exit in atmelqspiremove doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped regist...
PT-2025-49701
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s mmc subsystem, specifically within the omap hsmmc driver. The mmc add host function may return an error, and failure to check this return value can le...
PT-2025-49745
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8186: Fix use-after-free in driver remove path When devm runs function in the "remove" path for a device it runs them in the reverse order. That means that if you have parts of your driver that aren't using devm...
DEBIAN-CVE-2023-53758
In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove An early error exit in atmelqspiremove doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped regist...
DEBIAN-CVE-2022-50618
In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehost...
PT-2025-49488
In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove An early error exit in atmel qspi remove doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped...
PT-2025-49459
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where the mmc add host function's return value is not properly checked. If mmc add host returns an error, the allocated memory in mmc alloc host is...
PT-2026-2511
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the net/mlx5e module where the PSP Profile Support Package can be unregistered twice. This occurs through both the mlx5e remove and mlx5e nic cleanup...
drm/msm: Make .remove and .shutdown HW shutdown consistent
...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988884)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988884 advisory. In the Linux kernel, the following vulnerability has been resolved: brcmfmac: pcie: Release firmwares in the brcmfpciesetup error path This avoids leaking memory if...
CVE-2025-40091
In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...
UBUNTU-CVE-2025-40091
In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...
PT-2025-51626
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the idpf driver related to the removal of the driver. Specifically, a NULL pointer dereference can occur in the idpf remove function when attempti...
Linux Distros Unpatched Vulnerability : CVE-2023-53567
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: qup: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not...
PT-2025-41050
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the r6040 driver related to the probe and remove processes. The issue stems from a failure to properly disconnect a phy device when removing an...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986792)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986792 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fix possible use-after-free in nicstarcleanup This module's remove path calls...
CVE-2023-53567
CVE-2023-53567 – Linux kernel : The issue affects the kernel SPI QUP driver. The root cause is returning early from a platform driver’s remove callback, which prevents releasing DMA resources in the error path, causing a permanent resource leak. The fix ensures proper cleanup by not skipping hard...