CVE-2026-43203 atm: fore200e: fix use-after-free in tasklets during device removal

In the Linux kernel, the following vulnerability has been resolved: atm: fore200e: fix use-after-free in tasklets during device removal When the PCA-200E or SBA-200E adapter is being detached, the fore200e is deallocated. However, the txtasklet or rxtasklet may still be running or pending, leadin...

CVE-2026-43203

The CVE covers a Linux kernel fore200e ATM driver use-after-free during device removal (PCA-200E/SBA-200E). Vulnerability arises when tx_tasklet/rx_tasklet run or pending after fore200e is freed, risking access to freed memory. The published fixes synchronize tasklets with device shutdown by addi...

EUVD-2026-24772

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible invalid memory access after FLR In the case that the first Function Level Reset FLR concludes correctly, but in the second FLR the scratch area for the saved configuration cannot be allocated, it's...

CVE-2026-31442

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix possible invalid memory access after FLR In the case that the first Function Level Reset FLR concludes correctly, but in the second FLR the scratch area for the saved configuration cannot be allocated, it's...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clear commands after a chip reset, which could lead to stuck commands and DMA mapping errors...

CVE-2025-68236

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down PC=3 According to UFS specifications, the power-off sequence for a UFS device includes: - Sending an SSU command with PowerCondition=3 and await a response. - Asserting...

PT-2025-51649

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s UFS Universal Flash Storage subsystem, specifically within the ufs-qcom component, related to power-down sequences. During UFS device power down,...

CVE-2025-35433

CISA Thorium does not properly invalidate previously used tokens when resetting passwords. An attacker that possesses a previously used token could still log in after a password reset. Fixed in 1.1.1...

CVE-2025-35433

CVE-2025-35433 affects the CISA Thorium framework, where previously issued tokens may remain valid after a password reset, allowing an attacker to log in if they possess an old token. The vulnerability is documented with a high-severity CVSS v3.1 impact (Confidentiality, Integrity, Availability a...

ice: fix memory leak in aRFS after reset

...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a memory leak in the ice module after a reset...

CVE-2022-49203 drm/amd/display: Fix double free during GPU reset on DC streams

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix double free during GPU reset on DC streams Why The issue only occurs during the GPU reset code path. We first backup the current state prior to commiting 0 streams internally from DM to DC. This state backup...

Firewalla 安全漏洞

Firewalla is a driver from Firewalla Inc. A security vulnerability exists in Firewalla versions prior to 1.979 that stems from the presence of multiple authenticated operating system command injection vulnerabilities. An attacker authenticated with the Bluetooth Low Power Interface can use the...

QEMU 资源管理错误漏洞

QEMU is a suite of analog processor software from the French individual developer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in the NVM Express Controller NVME emulation in QEMU that stems from a data structure being released when a reentrant write...

CVE-2018-12332

Incomplete Cleanup vulnerability in ECOS Secure Boot Stick aka SBS 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset...

CVE-2017-17326

Huawei Mate 9 Pro Smartphones with software of LON-AL00BC00B139D; LON-AL00BC00B229 have an activation lock bypass vulnerability. The smartphone is supposed to be activated by the former account after reset if find my phone function is on. The software does not have a sufficient protection of...

CVE-2017-14421

D-Link DIR-850L REV. B with firmware through FW208WWb02 devices have a hardcoded password of wrgac25dlink.2013guidir850l for the Alphanetworks account upon device reset, which allows remote attackers to obtain root access via a TELNET session...