Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/qedr: Fixed the qedrcreateuserqp error flow. Avoid the following warning by ensuring that allocated resources are freed in case qedrinituserqueue fails. ----------- Cut here --- WARNING: CPU: 0 PID: 143192 at...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Regulator: pca9450 – Use devmregistersysoffhandler. With the module test, there is an error dump: ------------ Cut here ------------ Notifier callback pca9450i2crestarthandler is already registered. WARNING: kernel/notifier.c:23 ...

SUSE CVE-2026-43451

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...

EUVD-2026-24923

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix leakage in constructregion Failing the first sysfsupdategroup needs to explicitly kfree the resource as it is too early for cxlregioniomemrelease to do so...

CVE-2025-71232 scsi: qla2xxx: Free sp in error path to fix system crash

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, 61110.449331 qla2xxx 0000:27:00.0-0042:0: Disabled MSI-X. 61110.467494...

CVE-2023-53758

In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove An early error exit in atmelqspiremove doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped regist...

kernel: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods

In the Linux kernel, the following vulnerability has been resolved: can: mcan: pci: add missing mcanclassfreedev in probe/remove methods In mcanpciremove and error handling path of mcanpciprobe, mcanclassfreedev should be called to free resource allocated by mcanclassallocatedev, otherwise there...

kernel: RDMA/irdma: Fix a window for use-after-free

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a window for use-after-free During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are freed by irdmacqfreersrc. Fix this by moving the call to irdmacqfreersrc after the...

kernel: RDMA/irdma: Fix a window for use-after-free

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix a window for use-after-free During a destroy CQ an interrupt may cause processing of a CQE after CQ resources are freed by irdmacqfreersrc. Fix this by moving the call to irdmacqfreersrc after the...

CVE-2023-53568

Vulnerability (CVE-2023-53568) in the Linux kernel affects s390/zcrypt: when dev_set_name() fails, zcdn_create() leaks newly allocated resources instead of freeing them. The issue has been resolved by ensuring proper cleanup. The provided description notes the root cause and fix, and linked refer...

AZL-74667 CVE-2025-39772 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

DEBIAN-CVE-2025-39771

In the Linux kernel, the following vulnerability has been resolved: regulator: pca9450: Use devmregistersysoffhandler With module test, there is error dump: ------------ cut here ------------ notifier callback pca9450i2crestarthandler already registered WARNING: kernel/notifier.c:23 at...

CVE-2025-39771

The CVE-2025-39771 entry concerns the Linux kernel regulator driver pca9450. The issue arises in the pca9450_restart handling during module probe, where a notifier callback is already registered, leading to a kernel dump if not managed. The documented remediation is to use devm_register_sys_off_h...

SUSE CVE-2025-38635

In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davincilpscclkregister devmkasprintf returns NULL when memory allocation fails. Currently, davincilpscclkregister does not check for this case, which results in a NULL pointer dereference. Add NULL...

PT-2025-37230

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s drm/hisilicon/hibmc driver related to handling hibmc loading failures. When hibmc loading fails, the driver attempts to free resources using hibmc...

UBUNTU-CVE-2023-52688

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix the error handler of rfkill config When the core rfkill config throws error, it should free the allocated resources. Currently it is not freeing the core pdev create resources. Avoid this issue by calling the co...

PHP hash_update_file() function use after free() vulnerability

Race conditions allows to free resource processed by function...