131 matches found
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: net: caif: fixed a memory leak in caifdevicenotify In the event of a failure in caifenrolldev, the allocated linksupport will not be assigned to the corresponding structure. Therefore, simply free the allocated pointer in case of...
CVE-2026-45866
A flaw was found in the Linux kernel's CAIF serial line discipline. A race condition exists between the ldiscclose function, which frees the terminal tty device, and the handletx function, which may attempt to access the freed device. This use-after-free UAF vulnerability allows a local attacker ...
SUSE CVE-2026-45866
In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...
SUSE CVE-2026-46098
In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...
EUVD-2026-32332
In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...
CVE-2026-46098
In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...
UBUNTU-CVE-2026-46098
In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...
CVE-2026-45866
In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...
UBUNTU-CVE-2026-45866
In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...
CVE-2026-46098 net: caif: clear client service pointer on teardown
In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...
CVE-2026-46098
In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...
EUVD-2026-32481
In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...
CVE-2026-46098
CVE-2026-46098 affects the Linux kernel caif driver. The vulnerability arises when, after remote shutdown, caif_connect() tears down a client by calling caif_disconnect_client() and caif_free_client(), where caif_free_client() releases the service layer pointer but leaves adap_layer->dn dangli...
CVE-2026-45866 serial: caif: fix use-after-free in caif_serial ldisc_close()
In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...
CVE-2026-45866
The CVE-2026-45866 case concerns a use-after-free in the Linux kernel caif_serial ldisc path. A race between ldisc_close() and packet transmission can cause handle_tx() to access ser->tty after the tty is freed, due to tty_kref_put() being invoked in ldisc_close() while the network device may ...
CVE-2026-45866
In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...
PT-2026-43733
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the caif serial component of the Linux kernel. A race condition occurs between the ldisc close function and packet transmission. Specifically, ldisc clos...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the caif driver failing to clear the client service pointers during disassembly. This could lead ...
PT-2026-43966
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the caif connect function where a client is torn down after a remote shutdown by calling caif disconnect client and caif free client. The caif free client function...
CVE-2026-45866
serial: caif: fix use-after-free in caifserial ldiscclose...