In the Linux kernel, the following vulnerability has been resolved:
net/smc: remove device from smcd_dev_list after failed device_add()
If the device_add() for a smcd_dev fails, theres no cleanup step that rolls back the earlier list_add(). The device subsequently gets freed, and we end up with a corrupted list.
Add some error handling that removes the device from the list.