CVE-2026-46184

CVE-2026-46184 relates to the Linux kernel sound/ua101 driver. The root cause is a missing sanity check for bNrChannels in detect_usb_format(), which can lead to a division by zero in playback_urb_complete() and capture_urb_complete() when a device reports bNrChannels = 0. The USB core does not v...

ALSA: caiaq: Handle probe errors properly

...

UBUNTU-CVE-2026-45906

In the Linux kernel, the following vulnerability has been resolved: power: supply: pf1550: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Fixed memory leaks in the probe. Handled error branches to free memory as needed. Addresses-Coverity-ID: 1491825 "Resource leak"...

CVE-2026-43430 usb: yurex: fix race in probe

In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before the URB whose completion handler sets bbu is submitted. Otherwise there is a window during which...

CVE-2026-43087

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mcp23s08: Disable all pin interrupts during probe A chip being probed may have the interrupt-on-change feature enabled on some of its pins, for example after a reboot. This can cause the chip to generate interrupts for...

CVE-2026-31549

In the Linux kernel, the following vulnerability has been resolved: i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the string exists. Verify that the device has a serial number before...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006903)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006903 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmffwallocrequest This patch fixes a...

CVE-2025-15608

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

EUVD-2025-208907

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

CVE-2025-15608

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

CVE-2025-15608 Buffer Overflow in Network Probe Handling Function of TP-Link Archer AX53

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

CVE-2025-15608

The CVE-2025-15608 issue affects TP-Link Archer AX53 (v1). It arises from insufficient input sanitization in the device’s probe handling logic, allowing unvalidated parameters to trigger a stack-based buffer overflow in a central service. The vulnerability may, under specific conditions, enable r...

CVE-2025-15608

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

CVE-2025-15608 Buffer Overflow in Network Probe Handling Function of TP-Link Archer AX53

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

PT-2026-26631

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

Oracle Linux 8 / 9 : dtrace (ELSA-2026-50152)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50152 advisory. 2.0.6-1 - Fix dtprobed unsafe probe description handling CVE-2026-21991. Orabug: 39054018 Credit Statement The following people or organizations reported...

CVE-2025-40156

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe The drv-sramreg pointer could be set to ERRPTR-EPROBEDEFER which would lead to a error pointer dereference. Use ISERRORNULL to check that the pointer is vali...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990481)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990481 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug is th...

media: venus: protect against spurious interrupts during probe

...