Lucene search
K

26 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - regulator: pfuze100 – Fixed the refcount leak in pfuzeparseregulatorsdt. - ofnodeget now returns a node with the refcount incremented. - calling ofnodeput is no longer required when referencing a node is no longer necessary...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/04 2:21 a.m.9 views

SUSE CVE-2026-46269

In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel triggers a NULL pointer dereference. The crash trace showed: 0.732084 Unable to handle kernel NULL point...

5.8AI score0.00113EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.7 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the k230 pinctrl driver’s parsing of the device tree. This parsing process involves accessing...

5.5CVSS5.3AI score0.00113EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/08 1:11 p.m.6 views

CVE-2025-71299

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled done in commit f1eb4e792bb1 "spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance"...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:11 p.m.5 views

CVE-2025-71299

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled done in commit f1eb4e792bb1 "spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance"...

5.8AI score0.00121EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/08 1:11 p.m.30 views

CVE-2025-71299 spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled done in commit f1eb4e792bb1 "spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance"...

0.00121EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-38924

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the spi: cadence-quadspi driver where a runtime PM Power Management disable operation in the probe function error paths can trigger duplicate clock disables. This occu...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-31559

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace offindnodebypath/ with ofroot to...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/04/24 3:16 p.m.4 views

DEBIAN-CVE-2026-31559

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "offindnodebypath"/"" with "ofroot" to avoid multiple calls to "ofnodeput". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU...

5.5CVSS5.3AI score0.00122EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:35 p.m.4 views

CVE-2026-31559

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "offindnodebypath"/"" with "ofroot" to avoid multiple calls to "ofnodeput". 2. Fix a potential kernel oops during early boot when memory allocation fails while parsing CPU...

5.3AI score0.00122EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.7 views

PT-2026-34911

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "of find node by path"/"" with "of root" to avoid multiple calls to "of node put". 2. Fix a potential kernel oops during early boot when memory allocation fails while...

5.3AI score0.00122EPSS
Exploits0References5
CVE
CVE
added 2026/03/25 10:27 a.m.10 views

CVE-2026-23314

The CVE-2026-23314 entry describes a Linux kernel issue in the regulator/bq257xx subsystem: in bq257xx_reg_dt_parse_gpio(), if it fails to obtain a subchild, it may return without calling of_node_put(child), leaking a device node reference. The vulnerability is reported as resolved in the Linux k...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/12/16 3:30 p.m.4 views

EUVD-2025-203674

In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32pinctrldesc s32pinctrldesc is allocated with devmkmalloc, but not all of its fields are initialized. Notably, numcustomparams is used in pinconfgenericparsedtconfig, resulting in...

6AI score0.00175EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/10/07 11:49 p.m.4 views

SUSE CVE-2022-50548

In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: Fix memory leak in hi846parsedt If any of the checks related to the supported link frequencies fail, then the V4L2 fwnode resources don't get released before returning, which leads to a memleak. Fix this by...

5.5CVSS6.4AI score0.00184EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 3:21 p.m.6 views

EUVD-2025-32807

In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: Fix memory leak in hi846parsedt If any of the checks related to the supported link frequencies fail, then the V4L2 fwnode resources don't get released before returning, which leads to a memleak. Fix this by...

5.9AI score0.00184EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2025-25548

Malicious code in bioql PyPI...

6.4AI score0.00143EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-38654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Move DT parse before pinct...

5.5CVSS5.9AI score0.00143EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/24 4:7 p.m.7 views

CVE-2025-38654

In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Move DT parse before pinctrl register. This ensures that device tree parsing is done before calling devmpinctrlregister to prevent using uninitialized pin resource...

5.5CVSS6.4AI score0.00143EPSS
Exploits0References4
NVD
NVD
added 2025/08/22 4:15 p.m.10 views

CVE-2025-38654

In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix order of DT parse and pinctrl register Move DT parse before pinctrl register. This ensures that device tree parsing is done before calling devmpinctrlregister to prevent using uninitialized pin resource...

5.5CVSS0.00143EPSS
Exploits0References3
CVE
CVE
added 2025/08/22 4:0 p.m.25 views

CVE-2025-38654

CVE-2025-38654 concerns the Linux kernel pinctrl path for canaan k230. The vulnerability arises from the ordering of device-tree parsing and pinctrl registration, where device-tree parsing must complete before devm_pinctrl_register() is called to avoid using uninitialized pin resources. The provi...

5.5CVSS6.5AI score0.00143EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder