677 matches found
CVE-2026-43324
In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error has a somewhat involved history. The synchronization mechanism was introduced by commit 7dbd8f4cabd9...
CVE-2026-43324
The CVE-2026-43324 entry covers a Linux kernel USB dummy-hcd synchronization bug. The issue stems from an emulated synchronize_irq() that ran before emulated interrupt-disable, allowing potential callback races when a gadget driver is unbound. The fix moved synchronization to the dummy_udc_async_...
PT-2026-38975
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An interrupt synchronization error exists in the dummy-hcd driver. The emulated synchronize irq function, which ensures all current handler callbacks have returned, was executing before...
[SECURITY] Fedora 43 Update: pyOpenSSL-26.1.0-1.fc43
High-level wrapper around a subset of the OpenSSL library, includes among oth ers SSL.Connection objects, wrapping the methods of Python's portable sockets Callbacks written in Python Extensive error-handling mechanism, mirroring OpenSSL's error codes...
CVE-2026-43281 mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate()
In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds access in fwmboxindexxlate Although it is guided that mbox-cells must be at least 1, there are many instances of mbox-cells = ; in the device tree. If that is the case and the corresponding mailbox...
[SECURITY] Fedora 44 Update: pyOpenSSL-26.1.0-1.fc44
High-level wrapper around a subset of the OpenSSL library, includes among oth ers SSL.Connection objects, wrapping the methods of Python's portable sockets Callbacks written in Python Extensive error-handling mechanism, mirroring OpenSSL's error codes...
CVE-2025-47406
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...
CVE-2025-47406
CVE-2025-47406 is a DSP Service buffer over-read vulnerability where information disclosure can occur during processing of IOCTL handler callbacks without verifying the input buffer size. The NVD entries describe the issue as Information Disclosure with a CVSSv3.1 base score of 6.1 (Medium), with...
CVE-2025-47406 Buffer Over-read in DSP Service
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...
PT-2026-36842
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-wmi-sysman: Fixed the retrieval of WMI data blocks in sysfs callbacks. After retrieving WMI data blocks through sysfs callbacks, it is necessary to check the validity of these data blocks before dereferencing...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Staging: rtl8712 – fixed bugs related to use of memory after deallocation. The Read/WriteMACREG callbacks are set to NULL, so the read/writemacreghdl functions do nothing other than freeing the “pcmd” pointer. This results in ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Block layer: The feature of freezing the request queue from within sysfs store callbacks has been removed. Freezing the request queue may cause a deadlock when combined with the dm-multipath driver and the queueifnopath option...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: genetlink: Fixed the issue where genlbind invokes bind after -EPERM. Callbacks for bind and unbind were introduced to allow systems to track the presence of multicast group consumers. For example, these callbacks can be used to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Driver: iio: added missing checks for callback accesses in iioinfo. Some callbacks from the iioinfo structure are accessed without any checks. Therefore, if a driver does not implement these callbacks, attempting to access the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in devicepmcheckcallbacks The function devicepmcheckcallbacks can be called under the spin lock in the reported case, it happens from genpdadddevice - devpmdomainset, when the genpd uses spinlocks rather...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: BPF, sockmap: Do not allow sockmapclose,destroy,unhash to call itself. Proto callback functions in sockmap should never call themselves by design. Protect against bugs like 1 and break out of the recursive loop to avoid a stac...
Astra Linux – Vulnerability in Qemu
In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, which can lead to a NULL pointer dereferencing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: shaper: Protection is added for late read accesses to the hierarchy. We retrieve a netdev during the preparation of Netlink operations pre-callbacks, and then we acquire a reference to it. Later, within the body of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ethtool: ioctl: fixed a potential NULL dereference in ethtoolsetcoalesce. ethtoolsetcoalesce now uses both .getcoalesce and .setcoalesce callbacks. However, the check for their availability is buggy. Therefore, changing the...