CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2026-23027 – LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy()
https://notcve.org/view.php?id=CVE-2026-23027
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_device struct, but kvm_pch_pic_destroy() is not currently doing this, that would lead to a memory leak. So, fix it. In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_destroy() In kvm_ioctl_cre... • https://git.kernel.org/stable/c/e785dfacf7e7fe94370fa0e8e3ff1bc8fe179831 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-23026 – dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
https://notcve.org/view.php?id=CVE-2026-23026
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails. The issue occurs when: 1. gchan->config points to previously allocated memory 2. krealloc() fails and returns NULL 3. The function directly assigns NULL to gchan->config, losing the reference to the original memory 4. The original memory becomes... • https://git.kernel.org/stable/c/5d0c3533a19f48e5e7e73806a3e4b29cd4364130 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2026-23025 – mm/page_alloc: prevent pcp corruption with SMP=n
https://notcve.org/view.php?id=CVE-2026-23025
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU#0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .owner_cpu: 0 CPU: 0 UID: 0 PID: 28 Comm: kcompactd0 Not tainted 6.18.0-rc5-00127-ga06157804399 #1 PREEMPT 8cc09ef94dcec767faa911515ce9e609c45db470 Call Trace:
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71191 – dmaengine: at_hdmac: fix device leak on of_dma_xlate()
https://notcve.org/view.php?id=CVE-2025-71191
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the reference taken when looking up the DMA platform device during of_dma_xlate() when releasing channel resources. Note that commit 3832b78b3ec2 ("dmaengine: at_hdmac: add missing put_device() call in at_dma_xlate()") fixed the leak in a couple of error paths but the reference is still leaking on successful allocation. In the Linux kernel, the following vulnerability ... • https://git.kernel.org/stable/c/bbe89c8e3d598129b728d1388c3ad9abe4e8e261 •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71190 – dmaengine: bcm-sba-raid: fix device leak on probe
https://notcve.org/view.php?id=CVE-2025-71190
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. • https://git.kernel.org/stable/c/743e1c8ffe4ee5dd7596556dcc3f022ccde13d7b •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71189 – dmaengine: dw: dmamux: fix OF node leak on route allocation failure
https://notcve.org/view.php?id=CVE-2025-71189
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures. In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures. • https://git.kernel.org/stable/c/134d9c52fca26d2d199516e915da00f0cc6adc73 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71188 – dmaengine: lpc18xx-dmamux: fix device leak on route allocation
https://notcve.org/view.php?id=CVE-2025-71188
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference. In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make ... • https://git.kernel.org/stable/c/e5f4ae84be7421010780984bdc121eac15997327 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71186 – dmaengine: stm32: dmamux: fix device leak on route allocation
https://notcve.org/view.php?id=CVE-2025-71186
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference. In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make su... • https://git.kernel.org/stable/c/df7e762db5f6c8dbd9e480f1c9ef9851de346657 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71185 – dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation
https://notcve.org/view.php?id=CVE-2025-71185
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation. In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation. • https://git.kernel.org/stable/c/42dbdcc6bf965997c088caff2a8be7f9bf44f701 •
CVSS: 5.6EPSS: 0%CPEs: 3EXPL: 0CVE-2026-23023 – idpf: fix memory leak in idpf_vport_rel()
https://notcve.org/view.php?id=CVE-2026-23023
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vport_rel() Free vport->rx_ptype_lkup in idpf_vport_rel() to avoid leaking memory during a reset. Reported by kmemleak: unreferenced object 0xff450acac838a000 (size 4096): comm "kworker/u258:5", pid 7732, jiffies 4296830044 hex dump (first 32 bytes): 00 00 00 00 00 10 00 00 00 10 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 ................ backtrace (crc 3da81902): __kmall... • https://git.kernel.org/stable/c/0fe45467a1041ea3657a7fa3a791c84c104fbd34 •