VYPR

linux package

kernel

pkg:linux/kernel

Vulnerabilities (1,755)

  • CVE-2026-23030Jan 31, 2026
    affected >= 5.17.0, < 6.1.162fixed 6.1.162

    In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The for_each_available_child_of_node() calls of_node_put() to release child_np in each success loop. After breaking from the loop with

  • CVE-2026-23029Jan 31, 2026
    affected >= 6.13.0, < 6.18.7fixed 6.18.7

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_eioi

  • CVE-2026-23028Jan 31, 2026
    affected >= 6.13.0, < 6.18.7fixed 6.18.7

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_ipi_dest

  • CVE-2026-23027Jan 31, 2026
    affected >= 6.13.0, < 6.18.7fixed 6.18.7

    In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_pch_

  • CVE-2026-23026MedJan 31, 2026
    affected >= 5.11.0, < 5.15.199fixed 5.15.199

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails. The issue

  • CVE-2026-23025HigJan 31, 2026
    affected < 6.1.162fixed 6.1.162

    In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU#0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd

  • CVE-2025-71191MedJan 31, 2026
    affected >= 3.10.0, < 5.10.249fixed 5.10.249

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the reference taken when looking up the DMA platform device during of_dma_xlate() when releasing channel resources. Note that commit 383

  • CVE-2025-71190MedJan 31, 2026
    affected >= 4.13.0, < 5.10.249fixed 5.10.249

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind.

  • CVE-2025-71189MedJan 31, 2026
    affected >= 5.19.0, < 6.1.162fixed 6.1.162

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures.

  • CVE-2025-71188MedJan 31, 2026
    affected >= 4.3.0, < 5.10.249fixed 5.10.249

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a devi

  • CVE-2025-71186MedJan 31, 2026
    affected >= 4.15.0, < 5.10.249fixed 5.10.249

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a devic

  • CVE-2025-71185MedJan 31, 2026
    affected >= 4.4.0, < 5.10.249fixed 5.10.249

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation.

  • CVE-2025-71187Jan 31, 2026
    affected >= 6.16.0, < 6.18.7fixed 6.18.7

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures (e.g. probe deferral).

  • CVE-2026-23024Jan 31, 2026
    affected >= 6.17.0, < 6.18.6fixed 6.18.6

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak of flow steer list on rmmod The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Module removal with active entries cause

  • CVE-2026-23023Jan 31, 2026
    affected >= 6.7.0, < 6.12.66fixed 6.12.66

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vport_rel() Free vport->rx_ptype_lkup in idpf_vport_rel() to avoid leaking memory during a reset. Reported by kmemleak: unreferenced object 0xff450acac838a000 (size 4096): comm

  • CVE-2026-23022Jan 31, 2026
    affected >= 6.17.0, < 6.18.6fixed 6.18.6

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vc_core_deinit() Make sure to free hw->lan_regs. Reported by kmemleak during reset: unreferenced object 0xff1b913d02a936c0 (size 96): comm "kworker/u258:14", pid 2174, jiffies 4

  • CVE-2026-23021Jan 31, 2026
    affected >= 3.10.0, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in update_eth_regs_async() When asynchronously writing to the device registers and if usb_submit_urb() fail, the code fail to release allocated to this point resources.

  • CVE-2026-23020Jan 31, 2026
    affected >= 4.17.0, < 5.10.248fixed 5.10.248

    In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortex_probe1() pdev can be null and free_ring: can be called in 1297 with a null pdev.

  • CVE-2026-23019Jan 31, 2026
    affected >= 5.10.0, < 5.15.198fixed 5.15.198

    In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlink_alloc() failure devlink_alloc() may return NULL on allocation failure, but prestera_devlink_alloc() unconditionally calls devlink_priv() on the returned p

  • CVE-2026-23018Jan 31, 2026
    affected >= 6.17.0, < 6.18.6fixed 6.18.6

    In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfs_read_locked_inode() In btrfs_read_locked_inode() we are calling btrfs_init_file_extent_tree() while holding a path with a read locked leaf from a sub

Page 12 of 88