Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of uvcvideo to return the buffer queue when startstreaming fails, potentially leading...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: media: cx88: A null-ptr-deref bug was fixed in bufferprepare. When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in an empty buffer and a null-ptr-deref later in bufferqueue. The...

CVE-2026-43031

A flaw was found in the Linux kernel's xilinx axienet network driver. This vulnerability arises from incorrect accounting of Buffer Queue Length BQL, a mechanism that manages network buffer usage, for transmit TX packets that are split across multiple buffer descriptors. If these packet segments...

EUVD-2026-24825

In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex MEDIAREQUESTIOCREINIT can run concurrently with VIDIOCREQBUFS0 queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005556 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcmsendmsg for the same socket. syzkaller reported UAF in kcmrelease. 0 The scenar...

CVE-2026-23150

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: Fix memleak in nfcllcpsenduiframe. syzbot reported various memory leaks related to NFC, struct nfcllcpsock, skbuff, nfcdev, etc. 0 The leading log hinted that nfcllcpsenduiframe failed to allocate skb due to sockerrors...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003025 advisory. drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mcuexit function of mt7996 not clearing the skb queue, which could lead to a memory leak...

CVE-2025-68234 io_uring/cmd_net: fix wrong argument types for skb_queue_splice()

In the Linux kernel, the following vulnerability has been resolved: iouring/cmdnet: fix wrong argument types for skbqueuesplice If timestamp retriving needs to be retried and the local list of SKB's already has entries, then it's spliced back into the socket queue. However, the arguments for the...

EUVD-2025-201643

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989517)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989517 advisory. In the Linux kernel, the following vulnerability has been resolved: media: stk1160: If start stream fails, return buffers with VB2BUFSTATEQUEUED If the callback...

EUVD-2025-25582

Malicious code in bioql PyPI...

CVE-2023-53519

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-mem2mem: add lock to protect parameter numrdy Getting below error when using KCSAN to check the driver. Adding lock to protect parameter numrdy when getting the value with function:...

PT-2025-40204

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.0-rc1-00023-g6c94e2e99343 Description The vsp1 driver in the Linux kernel incorrectly uses the vb2 is streaming function to determine if the .start streaming operation has been called. A change in the vb2 cor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly cleaning up the mcu skb queue in the mt7915mcuexit function, which could lead to a memory leak...

CVE-2022-50359

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in bufferprepare When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in bufferqueue. The following log...

DEBIAN-CVE-2022-50359

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in bufferprepare When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in bufferqueue. The following log...

CVE-2022-50359

CVE-2022-50359 affects Linux kernel media driver cx88: null-ptr-deref in buffer_prepare() when cx88_risc_buffer() fails, leading to empty buffer and null-ptr-deref in buffer_queue(). The issue is fixed by validating the return value of cx88_risc_buffer() before use. Affected reports in connected ...

CVE-2022-50359

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in bufferprepare When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in bufferqueue. The following log...

CVE-2025-38619

In the Linux kernel, the following vulnerability has been resolved: media: ti: j721e-csi2rx: fix listdel corruption If ticsi2rxstartdma fails in ticsi2rxdmacallback, the buffer is marked done with VB2BUFSTATEERROR but is not removed from the DMA queue. This causes the same buffer to be retried in...