4629 matches found
EUVD-2026-38987
In the Linux kernel, the following vulnerability has been resolved: platform/wmi: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which c...
CVE-2026-53041 ocfs2: fix listxattr handling when the buffer is full
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block-based xattrs, listxattr can return a size larger than the caller's buffer when the inline names consume that buffer exactly...
EUVD-2026-38909
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block-based xattrs, listxattr can return a size larger than the caller's buffer when the inline names consume that buffer exactly...
CVE-2026-53041
CVE-2026-53041 concerns OCFS2 in the Linux kernel. When an OCFS2 inode has both inline and block-based xattrs, listxattr() could report a size larger than the caller’s buffer if inline names consumed the buffer exactly, triggering a kernel bug/DoS. The root cause was a refactor that used size == ...
CVE-2026-52992
CVE-2026-52992 concerns the Linux kernel ADfS boot-block validation. The vulnerability arises in fs/adfs when nzones is 0: adfs_read_map() passes 0 to kmalloc_array, returning ZERO_SIZE_PTR, and adfs_map_layout() then writes to dm[-1], causing an out-of-bounds write before the allocated buffer. T...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Free routing table on probe failure If complete is set to true in dsatreesetup, it means that we are the last switch in the tree that is being probed successfully. We should then set up all switches along our probe path...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fixed a segfault in tcmlooptpgaddressshow If the allocation of tlhba-sh fails in tcmloopdriverprobe, and we attempt to dereference it in tcmlooptpgaddressshow, we will encounter a segfault. See below for an...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: - net: 3com: 3c59x – fixed a possible null dereference in vortexprobe1 - pdev can be null, and freering can be called in 1297 with a null pdev...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: crypto: caam – Fixed a memory leak in dpaa2caamprobe. When commit 0e1a4d427f58 “crypto: caam: Unembed netdev structure in dpaa2” converted the embedded netdevice to dynamically allocated pointers, it added cleanup code in...
PT-2026-51935
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the OCFS2 file system where the listxattr function can return a size larger than the caller's buffer. This occurs when an OCFS2 inode contains both inline and...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ptpqoriq: fixed a memory leak in probe Smatch reports the following issue: drivers/ptp/ptpqoriq.c, ptpqoriqprobe: warning that the ‘base’ from ioremap was not released. This issue can be fixed by revising the parameter from...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Media: i2c: ov772x: Fixed a memory leak in ov772xprobe. A memory leak was reported when testing ov772x with the bpf mock device. AssertionError: Unreferenced object 0xffff888109afa7a8 size 8: comm "python3", pid 279, jiffies...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcdmipid: Fixed an error handling path in mipidspiprobe. If ‘mipiddetect’ fails, we must free ‘md’ to avoid a memory leak...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: octeonep: Canceling queued operations in the probe error path If it fails to obtain the device’s MAC address, octepprobe exits while leaving the delayed intrpolltask queued. When the operation runs later, it constitutes a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to remove the references made when looking up the ICU device during probe failures e.g., probe deferrals...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: misc: tifpc202: fixed a potential memory leak in the probe function. Used “foreachchildofnodescoped” to simplify the code and ensure that the device node reference is automatically released when the loop scope ends...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: The refcount leak in mvebugicpprobe has been fixed. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add ofnodep...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device booting, the HPD interrupt might be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver attempts to access the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fixed a memory leak in amlspisgprobe. In amlspisgprobe, the ctlr variable is allocated by spialloctarget/spiallochost, but the call to spicontrollerput fails in several error paths. This results in a memory le...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Do not call kfree on devices managed by devres. Since the allocation of the driver’s main structure was changed to devmdrmdevalloc, the rdev is managed by devres, and we should not call kfree on it. This fix prevents...