Linux Distros Unpatched Vulnerability : CVE-2026-46134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL...

SUSE CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

CVE-2026-46134

A flaw was found in the Linux kernel's crosectypec component. This vulnerability occurs because a mutex, a mechanism used to prevent simultaneous access to shared resources, was not properly initialized during Thunderbolt registration. This oversight can lead to a NULL dereference, potentially...

CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

UBUNTU-CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

EUVD-2026-32761

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

CVE-2026-46134

Summary: CVE-2026-46134 affects the Linux kernel, specifically the Thunderbolt path under platform/chrome for CrosEC Type-C. The root cause was that in cros_typec_register_thunderbolt(), the adata->lock mutex was not initialized, which can lead to a NULL dereference when the mutex is later acq...

CVE-2026-46134 platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

PT-2026-44257

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros ec typec: Init mutex in Thunderbolt registration cros typec register thunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in cros typec...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the data-lock mutex is not initialized during Thunderbolt registration using...

ROS-20260524-73-0054

Vulnerability in nextcloud related to the use of dangerous methods or features. Exploitation of the vulnerability could allow an attacker to directly access the memory of a computing device to which thunderbolt-enabled devices are connected...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Thunderbolt: Do not double-dequeue a configuration request. Some of our devices may crash when calling tbcfgrequestdequeue: This issue is likely due to a general protection fault, possibly related to the non-canonical address...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: thunderbolt: A memory leak has been fixed in tbnetopen. When tbringallocrx fails in tbnetopen, the memory allocated in tbxdomainallocouthopid is not released. Add tbxdomainreleaseouthopid to the error path to release the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Thunderbolt: Fixed a use-after-free in tbdpdprxwork. The original code relied on canceldelayedwork in tbdpdprxstop, which does not ensure that the delayed work item tunnel-dprxwork has fully completed if it was already running...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Thunderbolt: Mark the XDomain as unplugged when the router is removed. I noticed that when we perform discrete host-router NVM upgrades, and the router is hot-unplugged due to NVM firmware authentication issues, if there are othe...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a system hang that occurs when resuming with a Thunderbolt monitor. Why The issue arises when using a Thunderbolt monitor and performing suspend operations; the system may hang during resume. During the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed a use-after-free of slot-bus during hot removal. Dennis reported a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c “thunderbolt: Reset USB4 v2 host router” and commit 59a54c5f3dbd...

kernel security update

5.14.0-611.54.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

kernel security update

6.12.0-124.55.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...