Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a lack of error checking in the clock acquisition process within ASoC and acp-mach-common. This...

PT-2026-39104

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the ASoC amd acp-mach-common component, the functions acp card rt5682 init and acp card rt5682s init fail to check the return values of clk get. This lack of error handling can result...

PT-2026-38988

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference in dcn401 init hw dcn401 init hw assumes that update bw bounding box is valid when entering the update path. However, the existing condition: !fams2 enable && update bw bounding box |...

PT-2026-38924

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the spi: cadence-quadspi driver where a runtime PM Power Management disable operation in the probe function error paths can trigger duplicate clock disables. This occu...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-016779)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016779 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are...

Linux Distros Unpatched Vulnerability : CVE-2026-43443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: amd: acp-mach-common: Add missing error check for clock acquisition The acpcardrt5682init and acpcardrt5682sinit functions did not check the return values...

drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src

...

CVE-2026-43196

A flaw was found in the Linux kernel, specifically within the PRUSS Programmable Real-time Unit Subsystem clock multiplexer setup. This vulnerability, a double free, occurs when the system attempts to release the same memory resource twice. This can lead to memory corruption, which a local attack...

EUVD-2026-27759

In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix double free in prussclkmuxsetup In the prussclkmuxsetup, the devmaddactionorreset indirectly calls prussoffreeclkprovider, which calls ofnodeputclkmuxnp on the error path. However, after the devmaddactionorres...

Use of Predictable Algorithm in Random Number Generator

Overview keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud Affected versions of this package are vulnerable to Use of Predictable Algorithm in Random Number Generator in the generatechallenge method. An attacker can evade detection and bypass security...

CVE-2026-43243

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add signal type check for dcn401 getphyd32clksrc Trying to access link enc on a dpia link will cause a crash otherwise...

CVE-2026-43196

In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix double free in prussclkmuxsetup In the prussclkmuxsetup, the devmaddactionorreset indirectly calls prussoffreeclkprovider, which calls ofnodeputclkmuxnp on the error path. However, after the devmaddactionorres...

CVE-2026-43243

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add signal type check for dcn401 getphyd32clksrc Trying to access link enc on a dpia link will cause a crash otherwise...

CVE-2026-43196 soc: ti: pruss: Fix double free in pruss_clk_mux_setup()

In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix double free in prussclkmuxsetup In the prussclkmuxsetup, the devmaddactionorreset indirectly calls prussoffreeclkprovider, which calls ofnodeputclkmuxnp on the error path. However, after the devmaddactionorres...

CVE-2026-43196

CVE-2026-43196 affects the Linux kernel PRUSS clock multiplexer path (pruss_clk_mux_setup). The issue is a double free: devm_add_action_or_reset() path frees a resource via pruss_of_free_clk_provider(), which calls of_node_put(clk_mux_np) on error, and a second of_node_put is executed after the p...

CVE-2026-43196

In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix double free in prussclkmuxsetup In the prussclkmuxsetup, the devmaddactionorreset indirectly calls prussoffreeclkprovider, which calls ofnodeputclkmuxnp on the error path. However, after the devmaddactionorres...

CVE-2026-43175

The CVE-2026-43175 issue affects the Linux kernel’s clk: rs9 component, where the 9FGV0841 driver registers 8 clk_hw instances but the code did not guarantee 8 slots, risking an out-of-bounds write to rs9_driver_data.clk_dif[4..7] and corruption of adjacent data. All connected sources consistentl...

CVE-2026-43175

In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Reserve 8 struct clkhw slots for for 9FGV0841 The 9FGV0841 has 8 outputs and registers 8 struct clkhw, make sure there are 8 slots for those newly registered clkhw pointers, else there is going to be out of bounds write...

SUSE CVE-2026-43015

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...

PT-2026-37515

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write occurs in the rs9 driver when handling the 9FGV0841 chip. The chip registers 8 struct clk hw outputs, but the struct rs9 driver data .clk dif4..7 field lacks...