CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2026-23033 – dmaengine: omap-dma: fix dma_pool resource leak in error paths
https://notcve.org/view.php?id=CVE-2026-23033
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool resource leak in error paths The dma_pool created by dma_pool_create() is not destroyed when dma_async_device_register() or of_dma_controller_register() fails, causing a resource leak in the probe error paths. Add dma_pool_destroy() in both error paths to properly release the allocated dma_pool resource. In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool re... • https://git.kernel.org/stable/c/7bedaa5537604f34d1d63c5ec7891e559d2a61ed •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-23032 – null_blk: fix kmemleak by releasing references to fault configfs items
https://notcve.org/view.php?id=CVE-2026-23032
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: null_blk: fix kmemleak by releasing references to fault configfs items When CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeout_inject, requeue_inject, and init_hctx_fault_inject configfs items as children of the top-level nullbX configfs group. However, when the nullbX device is removed, the references taken to these fault-config configfs items are not released. As... • https://git.kernel.org/stable/c/bb4c19e030f45c5416f1eb4daa94fbaf7165e9ea •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2026-23031 – can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak
https://notcve.org/view.php?id=CVE-2026-23031
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak In gs_can_open(), the URBs for USB-in transfers are allocated, added to the parent->rx_submitted anchor and submitted. In the complete callback gs_usb_receive_bulk_callback(), the URB is processed and resubmitted. In gs_can_close() the URBs are freed by calling usb_kill_anchored_urbs(parent->rx_submitted). However, this does not take into account that the USB framework unancho... • https://git.kernel.org/stable/c/d08e973a77d128b25e01a08c34d89593fdf222da •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2026-23030 – phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe()
https://notcve.org/view.php?id=CVE-2026-23030
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() The for_each_available_child_of_node() calls of_node_put() to release child_np in each success loop. After breaking from the loop with the child_np has been released, the code will jump to the put_child label and will call the of_node_put() again if the devm_request_threaded_irq() fails. These cause a double free bug. Fix by returning directly to avoid the duplicate... • https://git.kernel.org/stable/c/ed2b5a8e6b98d042b323afbe177a5dc618921b31 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2026-23026 – dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
https://notcve.org/view.php?id=CVE-2026-23026
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails. The issue occurs when: 1. gchan->config points to previously allocated memory 2. krealloc() fails and returns NULL 3. The function directly assigns NULL to gchan->config, losing the reference to the original memory 4. The original memory becomes... • https://git.kernel.org/stable/c/5d0c3533a19f48e5e7e73806a3e4b29cd4364130 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2026-23025 – mm/page_alloc: prevent pcp corruption with SMP=n
https://notcve.org/view.php?id=CVE-2026-23025
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU#0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .owner_cpu: 0 CPU: 0 UID: 0 PID: 28 Comm: kcompactd0 Not tainted 6.18.0-rc5-00127-ga06157804399 #1 PREEMPT 8cc09ef94dcec767faa911515ce9e609c45db470 Call Trace:
CVSS: 5.6EPSS: 0%CPEs: 7EXPL: 0CVE-2025-71191 – dmaengine: at_hdmac: fix device leak on of_dma_xlate()
https://notcve.org/view.php?id=CVE-2025-71191
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the reference taken when looking up the DMA platform device during of_dma_xlate() when releasing channel resources. Note that commit 3832b78b3ec2 ("dmaengine: at_hdmac: add missing put_device() call in at_dma_xlate()") fixed the leak in a couple of error paths but the reference is still leaking on successful allocation. In the Linux kernel, the following vulnerability ... • https://git.kernel.org/stable/c/bbe89c8e3d598129b728d1388c3ad9abe4e8e261 •
CVSS: 5.6EPSS: 0%CPEs: 7EXPL: 0CVE-2025-71190 – dmaengine: bcm-sba-raid: fix device leak on probe
https://notcve.org/view.php?id=CVE-2025-71190
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. Several vulnerabilities ... • https://git.kernel.org/stable/c/743e1c8ffe4ee5dd7596556dcc3f022ccde13d7b •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2025-71189 – dmaengine: dw: dmamux: fix OF node leak on route allocation failure
https://notcve.org/view.php?id=CVE-2025-71189
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures. In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures. Several vulnerabilities have bee... • https://git.kernel.org/stable/c/134d9c52fca26d2d199516e915da00f0cc6adc73 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-71188 – dmaengine: lpc18xx-dmamux: fix device leak on route allocation
https://notcve.org/view.php?id=CVE-2025-71188
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference. In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make ... • https://git.kernel.org/stable/c/e5f4ae84be7421010780984bdc121eac15997327 •