CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2026-23029 – LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy()
https://notcve.org/view.php?id=CVE-2026-23029
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_eiointc_destroy() is not currently doing this, that would lead to a memory leak. So, fix it. In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy() In kvm_ioctl_cre... • https://git.kernel.org/stable/c/2e8b9df82631e714cc2b7bf302772c8259673180 •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2026-23028 – LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy()
https://notcve.org/view.php?id=CVE-2026-23028
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_ipi_destroy() is not currently doing this, that would lead to a memory leak. So, fix it. In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_ipi_destroy() In kvm_ioctl_create_device()... • https://git.kernel.org/stable/c/c532de5a67a70f8533d495f8f2aaa9a0491c3ad0 •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2026-23027 – LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy()
https://notcve.org/view.php?id=CVE-2026-23027
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_pch_pic_destroy() is not currently doing this, that would lead to a memory leak. So, fix it. In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy() In kvm_ioctl_cre... • https://git.kernel.org/stable/c/e785dfacf7e7fe94370fa0e8e3ff1bc8fe179831 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-23026 – dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
https://notcve.org/view.php?id=CVE-2026-23026
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails. The issue occurs when: 1. gchan->config points to previously allocated memory 2. krealloc() fails and returns NULL 3. The function directly assigns NULL to gchan->config, losing the reference to the original memory 4. The original memory becomes... • https://git.kernel.org/stable/c/5d0c3533a19f48e5e7e73806a3e4b29cd4364130 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2026-23025 – mm/page_alloc: prevent pcp corruption with SMP=n
https://notcve.org/view.php?id=CVE-2026-23025
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU#0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .owner_cpu: 0 CPU: 0 UID: 0 PID: 28 Comm: kcompactd0 Not tainted 6.18.0-rc5-00127-ga06157804399 #1 PREEMPT 8cc09ef94dcec767faa911515ce9e609c45db470 Call Trace:
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71191 – dmaengine: at_hdmac: fix device leak on of_dma_xlate()
https://notcve.org/view.php?id=CVE-2025-71191
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the reference taken when looking up the DMA platform device during of_dma_xlate() when releasing channel resources. Note that commit 3832b78b3ec2 ("dmaengine: at_hdmac: add missing put_device() call in at_dma_xlate()") fixed the leak in a couple of error paths but the reference is still leaking on successful allocation. In the Linux kernel, the following vulnerability ... • https://git.kernel.org/stable/c/bbe89c8e3d598129b728d1388c3ad9abe4e8e261 •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71190 – dmaengine: bcm-sba-raid: fix device leak on probe
https://notcve.org/view.php?id=CVE-2025-71190
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. • https://git.kernel.org/stable/c/743e1c8ffe4ee5dd7596556dcc3f022ccde13d7b •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71189 – dmaengine: dw: dmamux: fix OF node leak on route allocation failure
https://notcve.org/view.php?id=CVE-2025-71189
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures. In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures. • https://git.kernel.org/stable/c/134d9c52fca26d2d199516e915da00f0cc6adc73 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71188 – dmaengine: lpc18xx-dmamux: fix device leak on route allocation
https://notcve.org/view.php?id=CVE-2025-71188
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference. In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make ... • https://git.kernel.org/stable/c/e5f4ae84be7421010780984bdc121eac15997327 •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2025-71187 – dmaengine: sh: rz-dmac: fix device leak on probe failure
https://notcve.org/view.php?id=CVE-2025-71187
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures (e.g. probe deferral). In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures (e.g. probe deferral). • https://git.kernel.org/stable/c/7de873201c44bff5b42f2e560098d463843b8a4c •