699 matches found
EUVD-2026-38933
In the Linux kernel, the following vulnerability has been resolved: ASoC: sti: use managed regmapfield allocations The regmapfield objects allocated at player init are never freed and may leak resources if the driver is removed. Switch to devmregmapfieldalloc to automatically limit the lifetime o...
EUVD-2026-38910
In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: coresight: Properly clear the connection field. The coresight devices track their connections output connections and hold a reference to the fwnode. When a device goes away, we iterate through the devices on the coresight bus and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: e1000: Moved cancelworksync to avoid deadlock. Previously, e1000down called cancelworksync for the e1000 reset task via e1000downandstop, which caused a RTNL condition. According to user reports and syzbot, a deadlock may occur i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: HID: wacom: Fixed a crash that occurred in wacomaesbatteryhandler. The commit fd2a9b29dc9c “HID: wacom: Remove AES powersupply after extended inactivity” introduced wacomaesbatteryhandler, which is scheduled as a delayed task...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: Unregisters the ECC engine upon probe error and device removal. The on-host hardware ECC engine remains registered both when the spiregistercontroller function returns an error, and also upon device removal...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal. Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermal Debugcdevstateupdate. This may free the struct thermal...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - For the spi: amlogic: spifc-a4 component, there is a issue where the ECC engine is not registered properly in case of probe failures, and the remove callback is not executed. - The amlsfcprobe function registers the on-host...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: avoided possible crashes when edev-pdev changes. If a PCI device is removed during eehpereportedev, edev-pdev will change, which may cause a crash. It is recommended to hold the PCI rescan/remove lock while taking a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fixed error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, a null-ptr-deref occurs when removing the module, because transportremovedevice is calle...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A NULL pointer dereference occurred in the brcmftxfinalize function. When the device is removed or the kernel module is unloaded, a potential NULL pointer dereference may occur. The following sequence leads to the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8712: fixed a potential memory leak in r871xudrvinit. In r871xudrvinit, if r8712initdrvsw fails, the memory allocated by r8712allocioqueue in r8712usbdvobjinit is not properly released. This is because no action is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Thermal: Core – Fix the error path in thermal zone device registration If the thermalzonedeviceregisterwithtrips function fails after registering a thermal zone device, it needs to wait for the completion of tz-removal like when...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI: pnvphp: Clean up allocated IRQs on unplug When the root of a nested PCIe bridge configuration is unplugged, the pnvphp driver leaks the allocated IRQ resources for the child bridges’ hotplug event notifications, resulting in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release. The drvdata is not available in release. Let’s simply use containerof to obtain the ubd instance. Otherwise, removing a ubd device will result in a crash: RIP: 0033:blkmqfreetagset+0x1f/0xb...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: spmi: mediatek – Fixed UAF issue when removing devices The pmif driver data containing the clocks is allocated together with spmicontroller. When a device is removed, spmicontroller is freed first, and then the devices, including...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Cancel the mesh send timer when the hdev is removed The meshsenddone timer is not canceled when the hdev is removed, which can cause a crash if the timer triggers after the hdev is gone. Cancel the timer when...
UBUNTU-CVE-2026-50265
Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292...
CVE-2026-46165
A flaw was found in the Linux kernel's openvswitch vport component. This vulnerability arises during the release of tunnel ports, where a self-deadlock can occur. This prevents the vport from being properly freed and its references released, leading to a system deadlock during device removal. Suc...
UBUNTU-CVE-2026-46235
In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...