Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: qcom: at803x: fix kernel panic with at8031probe When reworking and splitting the at803x driver, a NULL dereference bug was identified in the function that splits at803x PHYs. In this bug, the variable priv is referenced...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: A memory leak has been fixed in dwc3qcominterconnectinit. In the alloc Resources for path handle function of oficcget, resources should be released when they are no longer needed. This should be done similarly in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: pas: Shutting down lite ADSP DTB on X1E The ADSP firmware on X1E has separate firmware binaries for the main firmware and the DTB. The same applies to the “lite” firmware loaded by the boot firmware. When...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: qcom: bamdma: Fixed error handling for num-channels/ees When there is no clock specified in the device tree, there is no way to ensure that BAM is enabled. This often occurs for remotely controlled or remotely power...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: qdsp6: Fixed the issue where q6apm removal ordering occurs during ADSP stop and start. During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. During ADSP stop, the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: qcom: scm: smc: Handle missing SCM devices The commit ca61d6836e6f “firmware: qcom: scm: fix a NULL-pointer dereference” makes it explicit that qcomscmgettzmempool may return NULL. Therefore, its users should handle thi...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fixed the potential null pointer dereferencing issue. It is possible that the topology parsing function audioreachwidgetloadmodulecommon might return NULL or an error pointer. A NULL check should be added ...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

The Linux kernel before version 6.2.9 has a race condition, which can lead to a use-after-free issue in the drivers/net/ethernet/qualcomm/emac/emac.c file. This issue occurs when a physically nearby attacker disconnects an EMAC-based device...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: EDAC/qcom: Do not pass llccdrivdata as edacdevicectlinfo’s pvtinfo. The memory for llccdrivdata is allocated by the LLCC driver. However, when it is passed as private driver information to the EDAC core, it will be freed during t...

Qualcomm Fastboot UEFI Vulnerabilities - Lenovo Support US

No description provided...

SUSE CVE-2026-46286

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

UBUNTU-CVE-2026-46286

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

EUVD-2026-35151

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

CVE-2026-46286 leds: qcom-lpg: Check for array overflow when selecting the high resolution

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from out-of-bounds access to arrays in the qcom-lpg driver, potentially leading to system crashes...

Unbreakable Enterprise kernel security update

5.4.17-2136.356.4.2 - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017592 CVE-2025-10263 - arm64: tlb: Add ARM64WORKAROUNDREPEATTLBISYNC Mark Rutland Orabug: 39017592 - ARM: uek: Disable CONFIGQCOMFALKORERRATUM1003 Boris Ostrovsky Orabug: 39017592 - arm64: tlb:...

SUSE CVE-2026-46247

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

CVE-2026-46247

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

CVE-2026-46247 clk: qcom: gfx3d: add parent to parent request map

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

CVE-2026-46247

Summary: CVE-2026-46247 affects the Linux kernel gfx3d clock driver. The root cause was an incorrect parent map during GFX3D clock rate determination, which prevented the best_parent_hw from being provided, leading to a crash. The fix adds the missing field in the parent request mapping (in addit...