705 matches found
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-8497-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8497-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as...
CVE-2026-53348
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC SoundWire Digital Audio SDCA component. The sdcadevunregisterfunctions function does not properly check for NULL function device entries during unregistration. This oversight can lead to a NULL point...
UBUNTU-CVE-2026-53295
In the Linux kernel, the following vulnerability has been resolved: mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference will cause an OOPS which might not be seen because mailbox controllers...
CVE-2026-53295
The CVE-2026-53295 entry covers a Linux kernel vulnerability in the mailbox subsystem: a missing sanity check for the mailbox channel array can lead to a dereference and an OOPS if no channel array is attached. The publicly provided connected sources confirm a patch/fix was applied in kernels and...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Do not store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attachment fails. mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attachment fails. Pass netdev to mlx5edestroynetdev to ensure that it works with a valid netdev. On...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: Ensure that the allocated CPER value will not exceed the limit. The logic in ghesnew prevents allocating too large records by checking whether they are larger than GHESESTATUSMAXSIZE currently 64KB. However, the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the issue with mlx5ibgethwstats when used for devices. Currently, when mlx5ibgethwstats is used for a device where portnum = 0, there is a special handling to ensure that the correct counters are used. However,...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Media: i2c: max9286 – Fix for kernel oops when removing the module When removing the max9286 module, a kernel oops occurs: Unable to handle kernel paging request at virtual address 000000aa00000094 Mem abort info: ESR =...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. There is an out-of-bounds read and an OOPS error for SMB2write, when a large length is present in the zero DataOffset case. source-iocs-preserved const=SMB2WRITE...
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2pdu.c contains a use-after-free condition and an OOPS error related to SMB2TREEDISCONNECT...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-axi-dmac: ignore interrupt if no descriptor If the channel has no descriptor and the interrupt is raised, then the kernel will make a mistake. Check the result of vchannextdesc in the handler axichanblockxfercomplet...
CVE-2026-47327
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops...
CVE-2026-46257
A flaw was found in the Linux kernel's SP804 timer driver. On ARM32 platforms where the SP804 is not registered as the scheduling clock, the delay timer's clock event instance may not be properly initialized. This can lead to a kernel Oops, which is a system crash, when the system attempts to rea...
CVE-2026-46257
CVE-2026-46257 concerns the Linux kernel SP804 timer driver on ARM32. The issue occurs when the delay timer shares the same clkevt instance with sched_clock; if sp804_clocksource_and_sched_clock_init runs with use_sched_clock != 1, sched_clkevt may be uninitialized, and read_current_timer() ends ...
CVE-2026-46257
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when readcurrenttimer is called on ARM32 platforms where the SP804 is not registered as the schedclock. On SP804, the delay timer shares the same clkevt instance with schedclock. On so...
EUVD-2026-34119
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when readcurrenttimer is called on ARM32 platforms where the SP804 is not registered as the schedclock. On SP804, the delay timer shares the same clkevt instance with schedclock. On so...
Linux Distros Unpatched Vulnerability : CVE-2026-47327
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggere...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the timer-sp804 clock source driver sharing the same clkevt instance when it is not registered as...
Linux Distros Unpatched Vulnerability : CVE-2026-47337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AFINET/AFINET6 socket mediation. The bug can be...