Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Remove WARNON from functionfsbind This commit addresses an issue related to a kernel panic that occurs when paniconwarn is enabled. The issue is caused by the unnecessary use of WARNON in functionfsbind, which c...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: USB: gadget: Fixed the memory leak in the rawgadget driver. Currently, increasing rawdev-count occurs before invoking rawqueueevent. If rawqueueevent returns an error, invoking rawrelease will not trigger devfree to be called...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget In the cdnspgadgetinit and cdnspgadgetexit functions, the gadget structure pdev-gadget was freed before its endpoints. The endpoints are...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor the bind path to use free After a bind/unbind cycle, the ecm-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This leads to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: udc: fix use-after-free in usbgadgetstatework A race condition during the gadget teardown can lead to a use-after-free in usbgadgetstatework, as reported by KASAN: - BUG: KASAN: invalid-access in sysfs...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor the bind path to use free After a bind/unbind cycle, the ncm-notifyreq remains stale. If a subsequent bind fails, the unified error handling mechanism attempts to free this stale request. This leads to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix refcount leak on error path When failing to allocate reportdesc, opts-refcnt has already been incremented; therefore, it needs to be decremented to prevent the options structure from being permanently locke...

CLSA-2026-1780132171 Fix of 25 CVEs

CVE-2025-68724 - crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid CVE-2025-68724 CVE-2025-71196 - phy: stm32-usphyc: Fix off by one in probe CVE-2025-71196 CVE-2026-23033 - dmaengine: omap-dma: fix dmapool resource leak in error paths CVE-2026-23033 CVE-2026-23049 -...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fixed atomic context locking issue The ncmsetalt function was holding a mutex to prevent race conditions with configfs. This function invokes the mightsleep function within an atomic context. The struct pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: gadget: uether: Fixed a NULL pointer dereference in ethgetdrvinfo. The commit ec35c1969650 “usb: gadget: fncm: Fixed the netdevice lifecycle with devicemove” re-parents the gadget device to /sys/devices/virtual during...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uSerial: Added a null pointer check in gserialresume. Consider a scenario where gserialdisconnect has already cleared gser-ioport. If a wakeup interrupt is triggered later, gserialresume will be called, which will...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: Core: Prevent panic during UVC unconfiguration Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget’s configuration. The panic involves a somewhat complex...

SUSE CVE-2026-43327

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

SUSE CVE-2026-43421

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...

SUSE CVE-2026-43423

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

SUSE CVE-2026-43343

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fsubset: Fix unbalanced refcnt in gethfree gethalloc increments the reference count, but gethfree fails to decrement it. This prevents the configuration of attributes via configfs after unlinking the function...

SUSE CVE-2026-43342

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...

SUSE CVE-2026-43424

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ftcm: Fix NULL pointer dereferences in nexus handling The tpg-tpgnexus pointer in the USB Target driver is dynamically managed and tied to userspace configuration via ConfigFS. It can be NULL if the USB host sends...

CVE-2026-43424

A flaw was found in the Linux kernel's USB gadget subsystem ftcm. A malicious or misconfigured USB host can exploit a race condition by sending specific Bulk-Only Transport BOT commands. This can trigger a NULL pointer dereference, leading to a kernel panic and a local Denial of Service DoS on th...

CVE-2026-43421

A flaw was found in the Linux kernel's USB gadget function for Network Control Model NCM. During device disconnection, a network device could outlive its parent gadget device, leading to dangling system file system sysfs links and null pointer dereference problems. This vulnerability can result i...