545 matches found
SUSE CVE-2026-53322
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfiopcicoreclosedevice call vfiopcidmabufcleanup before the function is disabled via vfiopcicoredisable. This ensures that all access via DMABUFs is...
DEBIAN-CVE-2026-53290
In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...
CVE-2026-53290
In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...
PT-2026-52929
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the xe eu stall stream close function. The drm dev put function is called before the stream is disabled and its resources are freed. If this call drops t...
CVE-2026-53026
A flaw was found in the Linux kernel's Network File System Daemon NFSD. An issue with file access counting in the nfsd4addrdaccesstowrdeleg function can lead to an extra access count for nfs4file objects. This prevents the proper freeing of associated resources when the NFS server service is...
EUVD-2026-38842
In the Linux kernel, the following vulnerability has been resolved: net: tls: fix strparser anchor skb leak on offload RX setup failure When tlssetdeviceoffloadrx fails at tlsdevadd, the error path calls tlsswfreeresourcesrx to clean up the SW context that was initialized by tlssetswoffload. This...
CVE-2026-52974
In the Linux kernel, the following vulnerability has been resolved: net: tls: fix strparser anchor skb leak on offload RX setup failure When tlssetdeviceoffloadrx fails at tlsdevadd, the error path calls tlsswfreeresourcesrx to clean up the SW context that was initialized by tlssetswoffload. This...
CVE-2026-52974
Summary of CVE-2026-52974 (Linux kernel net: tls): The leak is a memory leak in the TLS offload RX path where, if tls_set_device_offload_rx() fails in tls_dev_add(), the cleanup path does not free the anchor skb allocated in tls_strp_init(). This occurs in the “failed to start offload” code path ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Cleanup acquired resources when rprochandleresources fails in rprocattach When rproc-state = RPROCDETACHED and rprocattach is used to attach to the remote processor, if rprochandleresources returns an error, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iavf: fix PTP use-after-free during reset The commit 7c01dbfc8a1c5f “iavf: periodically cache PHC time” introduced a worker that was responsible for caching PHC time. However, it failed to stop this worker during resets or to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/bridge: synopsys: dw-dp: fixed error paths in dwdpBind. Several issues in error handling for dwdpBind have been fixed: 1. A missing return statement after a failure in drmbridgeattach—the function continued execution inste...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Resources are freed after they are unregistered. The unbind operation of the DP component iterates through the submodules to unregister them and clean up the situation. However, if the unbind occurs because the DP...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Resources are freed even if the runtime resume attempt fails in .remove. An early error exit in atmelqspiremove does not prevent the device from being unbound. This results in an SPI controller with an unbound...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fixed the issue of releasing uninitialized resources on an error path. The commit in the fixes section ensured that mlx5vdpafree is the only entrypoint for releasing vdpa device resources added in mlx5vdpadevadd. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fixed the issue of null pointer dereferencing in ESI. ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is an optional feature, and UFS MCQ should...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fixed the leak of the expander node in mpi3mrremove. Added a missing resource cleanup in .remove...
SUSE CVE-2026-46176
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch destroys s0 but falls through and unconditionally assigns the freed ...
EUVD-2026-32753
In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...
CVE-2026-46176
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix error path fall-through in mlx5ibdevressrqinit mlx5ibdevressrqinit allocates two SRQs, s0 and s1. When ibcreatesrq fails for s1, the error branch destroys s0 but falls through and unconditionally assigns the freed ...
PT-2026-44299
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error path fall-through exists in the mlx5 ib dev res srq init function. When the function allocates two Send Receive Queues SRQs, s0 and s1, a failure in ib create srq for s1 causes...