CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-23038 – pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node()
https://notcve.org/view.php?id=CVE-2026-23038
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() In nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versions fails, the function jumps to the out_scratch label without freeing the already allocated dsaddrs list, leading to a memory leak. Fix this by jumping to the out_err_drain_dsaddrs label, which properly frees the dsaddrs list before cleaning up other resources. In the Linux kernel, the following vulnerability has... • https://git.kernel.org/stable/c/d67ae825a59d639e4d8b82413af84d854617a87e •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2026-23037 – can: etas_es58x: allow partial RX URB allocation to succeed
https://notcve.org/view.php?id=CVE-2026-23037
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: allow partial RX URB allocation to succeed When es58x_alloc_rx_urbs() fails to allocate the requested number of URBs but succeeds in allocating some, it returns an error code. This causes es58x_open() to return early, skipping the cleanup label 'free_urbs', which leads to the anchored URBs being leaked. As pointed out by maintainer Vincent Mailhol, the driver is designed to handle partial URB allocation gracefully. Therefor... • https://git.kernel.org/stable/c/8537257874e949a59c834cecfd5a063e11b64b0b •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2026-23035 – net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv
https://notcve.org/view.php?id=CVE-2026-23035
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails. Pass netdev to mlx5e_destroy_netdev() to guarantee it will work on a valid netdev. On mlx5e_remove: Check validity of priv->profile, before attempting to cleanup any resources that might be not there. This fixes a kernel oops in mlx5e_remove when switchdev mode fails due to change profile failu... • https://git.kernel.org/stable/c/c4d7eb57687f358cd498ea3624519236af8db97e •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-23033 – dmaengine: omap-dma: fix dma_pool resource leak in error paths
https://notcve.org/view.php?id=CVE-2026-23033
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool resource leak in error paths The dma_pool created by dma_pool_create() is not destroyed when dma_async_device_register() or of_dma_controller_register() fails, causing a resource leak in the probe error paths. Add dma_pool_destroy() in both error paths to properly release the allocated dma_pool resource. In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool re... • https://git.kernel.org/stable/c/7bedaa5537604f34d1d63c5ec7891e559d2a61ed •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-23031 – can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak
https://notcve.org/view.php?id=CVE-2026-23031
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak In gs_can_open(), the URBs for USB-in transfers are allocated, added to the parent->rx_submitted anchor and submitted. In the complete callback gs_usb_receive_bulk_callback(), the URB is processed and resubmitted. In gs_can_close() the URBs are freed by calling usb_kill_anchored_urbs(parent->rx_submitted). However, this does not take into account that the USB framework unancho... • https://git.kernel.org/stable/c/d08e973a77d128b25e01a08c34d89593fdf222da •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2026-23026 – dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
https://notcve.org/view.php?id=CVE-2026-23026
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails. The issue occurs when: 1. gchan->config points to previously allocated memory 2. krealloc() fails and returns NULL 3. The function directly assigns NULL to gchan->config, losing the reference to the original memory 4. The original memory becomes... • https://git.kernel.org/stable/c/5d0c3533a19f48e5e7e73806a3e4b29cd4364130 •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71191 – dmaengine: at_hdmac: fix device leak on of_dma_xlate()
https://notcve.org/view.php?id=CVE-2025-71191
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the reference taken when looking up the DMA platform device during of_dma_xlate() when releasing channel resources. Note that commit 3832b78b3ec2 ("dmaengine: at_hdmac: add missing put_device() call in at_dma_xlate()") fixed the leak in a couple of error paths but the reference is still leaking on successful allocation. In the Linux kernel, the following vulnerability ... • https://git.kernel.org/stable/c/bbe89c8e3d598129b728d1388c3ad9abe4e8e261 •
CVSS: 5.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71190 – dmaengine: bcm-sba-raid: fix device leak on probe
https://notcve.org/view.php?id=CVE-2025-71190
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind. • https://git.kernel.org/stable/c/743e1c8ffe4ee5dd7596556dcc3f022ccde13d7b •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71188 – dmaengine: lpc18xx-dmamux: fix device leak on route allocation
https://notcve.org/view.php?id=CVE-2025-71188
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference. In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make ... • https://git.kernel.org/stable/c/e5f4ae84be7421010780984bdc121eac15997327 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-71186 – dmaengine: stm32: dmamux: fix device leak on route allocation
https://notcve.org/view.php?id=CVE-2025-71186
31 Jan 2026 — In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference. In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make su... • https://git.kernel.org/stable/c/df7e762db5f6c8dbd9e480f1c9ef9851de346657 •