758 matches found
EUVD-2026-40966
In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd When the remoteproc starts in parallel with the NGD driver being probed, or the remoteproc is already up when the PDR lookup is being registered, or in the...
CVE-2026-53331
In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...
Linux Distros Unpatched Vulnerability : CVE-2026-53052
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: qcom: qdsp6: topology: check widget type before accessing data Check widget type before accessing the private data, as this could a virtual widget which i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq8074: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such an entry to the end of the arrays where it is missing, in order to avoid...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084 – fixed the termination of frequency table arrays. The frequency table arrays should be terminated with an empty element. Add such an entry to the end of the arrays where it is missing, in order to avoid...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: soc: qcom: smsmm: Fixed refcount leaks in qcomsmsmprobe There are two refcount leaks in qcomsmsmprobe: 1 The localnode variable is escaped from foreachchildofnode at the end of the iteration. We should call ofnodeput for it in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes The change to dynamic IDs for SM8450 platform interconnects left two links unconverted. This issue was fixed to avoid NULL pointer dereference during runtim...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: sysmon: fix memory leak in qcomaddsysmonsubdev The kfree function should be called when ofirqgetbyname fails or devmrequestthreadedirq fails in qcomaddsysmonsubdev. Otherwise, a memory leak will occur; therefore, addi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task The changes made in commit 1afa70632c39 “serial: qcom-geni: Enable PM runtime for serial driver” and its dependent commit 86fa39dd6fb7 “serial: qcom-geni: Enable Serial on SA8255p Qualcomm...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “arm64: dts: qcom: sdm845: Affirm IDR0.CCTW on appssmmu” has been reverted. There are reports that the pagetable walker cache coherence does not remain consistent across various SDM845/850 devices, leading to lock-ups and resets...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix potential memory leak The function dwc3qcomprobe allocates memory for the resource structure pointed by the parentres pointer. This memory is not freed, leading to a memory leak. Using stack memory can preven...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq9574: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such an entry to the end of the arrays where it is missing, in order to avoid...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fixed the reset-controller leak in cases of probe errors. Be sure to release the lane reset controller in case of a late probe error e.g., probe deferral...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: clk: qcom: ipq8074: Fixed the PCI-E clock-related errors. Fixed kernel errors related to PCI-E clocks caused by a missing clock parent. pcie0rchngclksrc has numparents set to 2, but only one parent is actually set via parenthw...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23026)
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...
CVE-2026-46286
A flaw was found in the Linux kernel's qcom-lpg LED driver. This vulnerability, an array overflow, occurs when the driver attempts to select high-resolution values. Due to incorrect indexing, the system may read random data from memory, which could lead to information disclosure or unpredictable...
CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2026-46286
CVE-2026-46286 affects the Linux kernel’s leds: qcom-lpg driver. Root cause: selecting high-resolution values uses FIELD_GET() from a 3-bit register while indexing into an array that has only 5 values, risking out-of-bounds access. The description states this was resolved by adding a proper bound...
PT-2026-47358
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An array overflow occurs in the qcom-lpg LED driver. The FIELD GET function retrieves a value from a 3-bit register to index an array; however, the array contains only 5 elements. This...