RLSA-2026:21745 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...

RLSA-2026:21556 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

AlmaLinux 8 : kernel-rt (ALSA-2026:21745)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

CVE-2026-46232

A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. A malicious device could provide an excessively large number of touch reports, leading to an out-of-bounds read in the dualshock4parsereport function. This could allow an attacker to read up to 2 KiB of kernel...

CVE-2026-46202

The CVE-2026-46202 entry describes a Linux kernel vulnerability in HID: appletb-kbd where backlight_device_set_brightness() could be called from atomic contexts (softirq or IRQ path) via mutex_lock, risking a sleep in an invalid context. The fix moves the blocking work to a system workqueue: conv...

CVE-2026-46202

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness - mutexlock from two different atomic contexts: appletbinactivitytimer is...

kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq

A flaw was found in the Linux kernel's Wacom Human Interface Device HID driver. This vulnerability allows a remote attacker to trigger an out-of-bounds read by sending a specially crafted, short Bluetooth HID report. This can lead to the disclosure of sensitive information from the system's memor...

CVE-2026-45969

A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. The psgamepadcreate function does not verify the return value of inputffcreatememless. This missing check can lead to incorrect behavior or potential system crashes when Force Feedback FF effects are activated...

CVE-2026-45877

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients During a warm reset flow, the cl-device pointer may be NULL if the reset occurs while clients are still being enumerated. Accessing cl-device-referencecount witho...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through UHID, there is a possibility that we do not have output reports, and as a result, reportfield is set to null...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer. Since the report buffer is used by various drivers in various ways, let’s initialize it to zero during allocation, so that it cannot ever be used to leak kernel memory through special...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: Ignore non-functional sensors in the HP 5MP Camera The HP 5MP Camera USB ID 0408:5473 reports a HID sensor interface that is not actually implemented. Attempting to access this non-functional sensor via iioinfo causes the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: Do not bypass hidhwrawrequest The hidhwrawrequest function is actually useful for ensuring that the provided buffer and length are valid. Directly calling this function in the low-level transport driver bypassed those...

ROS-20260520-73-0001

A vulnerability in the HID component of the Linux operating system kernel is related to memory utilization after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

SUSE CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-8515

An use after free flaw was found in the HID component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495999127...

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

EUVD-2026-30428

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...