Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fixed an oops in port-pm when calling uartchangepm Unloading a hardware-specific 8250 driver may cause an error “Unable to handle kernel paging request at virtual address” about ten seconds after unloading the drive...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Do not skip resource freeing if pmruntimeresumeandget fails. Returning an error code from .remove causes the driver core to emit a somewhat useless error message: remove callback returned a non-zero value. Thi...

Astra Linux - уязвимость в chromium

In the Blink Serial API in Google Chrome, a memory access out of bounds was allowed before version 97.0.4692.71. This allowed a remote attacker to perform a memory read through a crafted HTML page and a virtual serial port driver...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port-pm on port-specific driver unbind When we unbind a serial port via a hardware-specific 8250 driver, the generic serial8250 driver takes over control of the port. After that, an oops occurs approximately ...

Astra Linux - уязвимость в linux-5.10, linux

KGDB and KDB allow read and write access to kernel memory, and therefore should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger, so it is important that the debugger respects the lockdown mode when/if it is triggered. CVSS 3.1 Base Score: 6.7...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: 8250port: Check IRQ data before use If the leaf driver wishes to use IRQ polling irq = 0, and the IIR register indicates that an interrupt occurred in the 8250 hardware, the IRQ data can be NULL. In such cases, we need to...

EUVD-2026-27355

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix TX deadlock when using DMA dmaengineterminateasync does not guarantee that the dmatxcomplete callback will run. The callback is currently the only place where dma-txrunning gets cleared. If the transaction is...

CVE-2026-43061

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix TX deadlock when using DMA dmaengineterminateasync does not guarantee that the dmatxcomplete callback will run. The callback is currently the only place where dma-txrunning gets cleared. If the transaction is...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to clear the txrunning flag when canceling TX DMA transfers via the 8250 serial port...

CVE-2026-43032

CVE-2026-43032 affects the Linux kernel NFC pn533/pn532 UART receive path. The root cause is that pn532_receive_buf() appends incoming bytes to dev->recv_skb and only clears the partial frame when a complete PN532 frame header is recognized, allowing a continuous invalid stream to grow the skb...

[SECURITY] Fedora 44 Update: qt6-qtserialport-6.10.3-1.fc44

Qt Serial Port provides the basic functionality, which includes configuring, I/O operations, getting and setting the control signals of the RS-232 pinouts...

[SECURITY] Fedora 44 Update: qt6-qtspeech-6.10.3-1.fc44

The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is drivin...

[SECURITY] Fedora 44 Update: mingw-qt6-qtserialport-6.10.3-1.fc44

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

freerdp: FreeRDP heap-use-after-free

A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial-IrpThreads while another reads it...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013510)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013510 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port-pm on port specific driver unbind When we unbind a serial port hardware...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011197 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port-pm on port specific driver unbind When we unbind a serial port hardware...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006746 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: 8250: fix panic due to PSLVERR When the PSLVERRRESPEN parameter is set to 1, the device...

CVE-2026-23472

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...

CVE-2026-23472

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...

CVE-2026-23472 serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...