CVE-2026-46267 nfc: hci: shdlc: Stop timers and work before freeing context

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

EUVD-2026-34129

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

PT-2026-46030

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF condition exists in the Linux kernel's NFC HCI SHDLC implementation. The function llc shdlc deinit purges SHDLC skb queues and frees the llc shdlc structure while...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks attempting to cancel each other can also occur when using bpfmapupdateelem. More precisely, freeing elements containi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Cancel the running BPF timer through kworker for PREEMPTRT During the update process, when overwriting an element in a pre-allocated htab, the freeing of oldelement is protected by the bucket lock. The reason why the bucket...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: dm cache: Fixed UAF in destroy Dmcache also has the same UAF issue when dmresume and dmdestroy are executed concurrently. Therefore, the timer is cancelled again in destroy...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fixed the use-after-free vulnerability in the ether3 driver due to race conditions. In the ether3probe function, a timer is initialized using a callback function called ether3ledoff, which is bound to &prevdev-timer...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fixed a use-after-free bug in brcmfcfg80211detach. This is the candidate patch for CVE-2023-47233: https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In the brcm80211 driver, the process starts with the following...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: - dm integrity: Fixed a UAF Use-after-Allocation issue in dmintegritydtr. - dmintegrity also has the same UAF problem when dmresume and dmdestroy are executed concurrently. Therefore, the timer in dmintegritydtr is canceled...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013363)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013363 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010803 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...

CVE-2026-23014 perf: Ensure swevent hrtimer is properly destroyed

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...

SUSE CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

UBUNTU-CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

EUVD-2026-4637

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

CVE-2026-22997

The CVE-2026-22997 issue affects the Linux kernel CAN/J1939 subsystem. The root cause is that j1939_session_deactivate_activate_next() is only invoked in j1939_tp_rxtimer() when the timer is enabled, allowing a refcount leak if the timer is cancelled without calling the function. This can lead to...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42239)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42239 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback ...

PT-2026-4659

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to CAN Controller Area Network functionality within the J1939 protocol. Specifically, the issue involves a reference count leak within the j1939...