Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Driver: Base – Fixed UAF when driverattach fails When driverattachdrv fails, the driverprivate variable is freed. However, it was added to the bus, which caused a UAF Use-after-Allocation Fault. To fix this issue, we need to remo...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010939 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: Fix several use-after-free bugs Several types of UAFs can occur when physically...

UBUNTU-CVE-2023-54321

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd I got the following null-ptr-deref report while doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058 CPU: 2 PID: 278 Comm: 37-i2c-ds248...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992227)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992227 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot-bus on hot remove Dennis reports a boot crash on recent Lenovo...

TencentOS Server 4: kernel (TSSA-2025:0047)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0047 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

SUSE CVE-2023-53363

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in pcibusreleasedomainnr Commit c14f7ccc9f5d "PCI: Assign PCI domain IDs by idaalloc" introduced a use-after-free bug in the bus removal cleanup. The issue was found with kfence: 19.293351 BUG: KFENCE:...

CVE-2023-53363

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in pcibusreleasedomainnr Commit c14f7ccc9f5d "PCI: Assign PCI domain IDs by idaalloc" introduced a use-after-free bug in the bus removal cleanup. The issue was found with kfence: 19.293351 BUG: KFENCE:...

CVE-2023-53363

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in pcibusreleasedomainnr Commit c14f7ccc9f5d "PCI: Assign PCI domain IDs by idaalloc" introduced a use-after-free bug in the bus removal cleanup. The issue was found with kfence: 19.293351 BUG: KFENCE:...

PT-2025-38213

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue was identified in the Linux kernel related to PCI bus removal cleanup. Specifically, the vulnerability occurs in the pci bus release domain nr function after the...

kernel: driver: base: fix UAF when driver_attach failed

A flaw was discovered in the Linux kernel’s device driver core. When driverattachdrv fails, the associated driverprivate structure is freed—but the driver remains registered on the bus. This leads to a use-after-free condition when the kernel subsequently references the freed driverprivate. A...

kernel: driver: base: fix UAF when driver_attach failed

A flaw was discovered in the Linux kernel’s device driver core. When driverattachdrv fails, the associated driverprivate structure is freed—but the driver remains registered on the bus. This leads to a use-after-free condition when the kernel subsequently references the freed driverprivate. A...

DEBIAN-CVE-2025-38624

In the Linux kernel, the following vulnerability has been resolved: PCI: pnvphp: Clean up allocated IRQs on unplug When the root of a nested PCIe bridge configuration is unplugged, the pnvphp driver leaked the allocated IRQ resources for the child bridges' hotplug event notifications, resulting i...

CVE-2022-50133

In the Linux kernel, the following vulnerability has been resolved: usb: xhciplatremove: avoid NULL dereference Since commit 4736ebd7fcaff1eb8481c140ba494962847d6e0a "usb: host: xhci-plat: omit shared hcd if either root hub has no ports" xhci-sharedhcd can be NULL, which causes the following Oops...

kernel: PCI: Fix use-after-free of slot->bus on hot remove

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot-bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c "thunderbolt: Reset USB4 v2 host router" and commit 59a54c5f3dbd "thunderbolt: Res...

UBUNTU-CVE-2022-48812

In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: don't use devres for mdiobus As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree wi...