CVE-2026-37234

FlexRIC v2.0.0 allows a single SCTP connection to bind multiple xappids by sending multiple E42SETUPREQUESTs. On disconnect, only the first registered xappid's resources are cleaned up; subsequent xappids and their subscriptions remain as stale entries. A remote attacker can exploit this to leak...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the batman-adv module not stopping the tpmeter session during network disconnection, allowing for...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the batman-adv module not rejecting new tpmeter sessions during network disconnection. This allow...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module loading, a kthread is created that targets the pvr2contextthreadfunc function. This function may call pvr2contextdestroy, thereby calling kfree on the contex...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fixed an issue where the peerid of 0 was not found when the connection was disconnected. There is a failure log for this issue, located at ath11kdprxprocessmonstatus. When debugmask is not set to ATH11KDBGDATA, no l...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘ipmi: fix msg stack when IPMI is disconnected’” This change is reflected in the commit c608966f3f9c2dca596967501d00753282b395fc. This patch contains a subtle bug that can cause the IPMI driver to enter an infinite loop i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: cancel mloscanstartwk The mloscanstartwk operation is not canceled upon disconnection. In fact, it isn’t canceled anywhere else, except during the restart cleanup, where we don’t actually need to cancel it. Th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021606)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021606 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed t...

CVE-2026-43479

A flaw was found in the Linux kernel's USB network device driver lan78xx. A redundant function call during the disconnection of a USB device can trigger a kernel warning. This issue may lead to system instability or a denial of service, impacting the availability of the system...

CVE-2026-40136

SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...

CVE-2026-43126

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA Open Sound System OSS mixer component. This vulnerability arises when pending calls to kernel control operations are not properly handled during device disconnection, leading to potential Use-After-Free UAF scenarios. A...

EUVD-2026-27687

In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios...

CVE-2026-43130

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode Commit 4fc82cd907ac "iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected" relies on pcidevisdisconnected to skip ATS...

CVE-2026-43126

In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of card disconnection checkpoints added to the ALSA OSS mixer layer. This vulnerability...

PT-2026-37466

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the ALSA OSS mixer layer. The mixer layer calls kcontrol operations individually, which may result in pending calls not being caught when a device is...

Astra Linux - уязвимость в linux, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: Fixed deadlocks that occur during the removal of kctl elements at disconnection. In sndcarddisconnect, we set the card-shutdown flag at the beginning, call callbacks, and perform synchronization for the card-powerrefsleep...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the gpib lpvousb driver failing to release a USB device reference upon disconnection, which could lead to a...

CVE-2026-31672

A flaw was found in the Linux kernel's rt2x00usb component, which handles Wi-Fi USB devices. This issue stems from improper management of system memory allocated for USB devices. When a Wi-Fi USB device driver is unloaded without the device being physically disconnected, the system may fail to...

CVE-2026-31651

A flaw was found in the Linux kernel's mmc: vub300 driver. This vulnerability allows a local attacker to trigger a NULL-pointer dereference or use-after-free condition during device disconnection. Successful exploitation could lead to a system crash, resulting in a denial of service...