198 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd When the remoteproc starts in parallel with the NGD driver being probed, or the remoteproc is...
kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()
A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...
SUSE CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
SUSE CVE-2026-53299
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainittx If queue entry list allocation fails in airohaqdmainittxqueue routine, airohaqdmacleanuptxqueue will trigger a NULL pointer dereference accessing the queue entry...
Linux Distros Unpatched Vulnerability : CVE-2026-53158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: fastrpc: Fix NULL pointer dereference in rpmsg callback A NULL pointer dereference was observed on Hawi at boot when the DSP sends a glink message before...
CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
SUSE CVE-2026-53204
In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL deref on rsusendmsg timeout in probe rsusendmsg can return -ETIMEDOUT when waitforcompletioninterruptibletimeout fires while the SMC call is still pending. In stratix10rsuprobe, the error paths f...
CVE-2026-53158
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix NULL pointer dereference in rpmsg callback A NULL pointer dereference was observed on Hawi at boot when the DSP sends a glink message before fastrpcrpmsgprobe has completed initialization: Unable to handle kern...
UBUNTU-CVE-2026-53243
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...
CVE-2026-53204
The CVE-2026-53204 issue concerns the Linux kernel firmware for Stratix 10 RSU (rsu_send_msg timeout). When wait_for_completion_interruptible_timeout() times out while an SMC call is pending, rsu_send_msg() could lead to a NULL dereference in stratix10_rsu_probe() due to error-path handling that ...
CVE-2026-53158 misc: fastrpc: Fix NULL pointer dereference in rpmsg callback
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix NULL pointer dereference in rpmsg callback A NULL pointer dereference was observed on Hawi at boot when the DSP sends a glink message before fastrpcrpmsgprobe has completed initialization: Unable to handle kern...
CVE-2026-53158
The CVE-2026-53158 issue affects the Linux kernel misc: fastrpc subsystem, where a NULL pointer dereference could occur in rpmsg callback if fastrpc_rpmsg_probe() hasn’t completed or if the callback fires before dev_set_drvdata(). The fault trace points to a NULL cctx in fastrpc_channel_ctx when ...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In ext4, the order of execution of functions ext4percpuparaminit and ext4mbinit has been changed. When running kvm-xfstests -c ext4/1k -C 1 generic/383 with the DOUBLECHECK macro defined, a panic occurs as follows:...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: In net: liquidio, there is a issue where the netdev pointer must be initialized before queue setup is performed. In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this structure is stored ...
PT-2026-51903
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the ice network driver occurs during network packet transmission. When the ice tso or ice tx csum functions fail, the error path in ice xmit frame ring frees the network buffer...
CVE-2024-58350 Ghidra < 11.2 - Use After Free in Sleigh Backend via Static Initialization Order
Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiti...
CVE-2024-58350
Ghidra prior to 11.2 contains a use-after-free in the Sleigh backend caused by undefined static initialization order of SleighArchitecture::translators and XmlArchitectureCapability singletons. This can enable an attacker to trigger an infinite loop or denial of service during shutdown due to uns...
CVE-2026-46279
A flaw was found in the Linux kernel's memory management subsystem. Due to an initialization ordering issue, certain pages allocated before the pageext structure is fully available may have uninitialized codetag references. This can lead to a warning being triggered when these pages are later...
CVE-2026-46181
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4srqevent Sashiko points out the radixtree itself is RCU safe, but nothing ever frees the mlx4srq struct with RCU, and it isn't even accessed within the RCU critical section. It also will crash...
EUVD-2026-32808
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4srqevent Sashiko points out the radixtree itself is RCU safe, but nothing ever frees the mlx4srq struct with RCU, and it isn't even accessed within the RCU critical section. It also will crash...