175 matches found
CVE-2026-46258
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...
CVE-2026-46258 gpio: cdev: Avoid NULL dereference in linehandle_create()
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...
EUVD-2026-34120
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...
CVE-2026-46258
In CVE-2026-46258, the Linux kernel gpio: cdev sub-system fixes a NULL dereference in linehandle_create(). The code retains lh with retain_and_null_ptr(lh) and later dereferences lh in a debug print, leading to a crash. The approved workaround/fix is to use handlereq.lines, which holds the same v...
PT-2026-46021
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandle create In linehandle create, there is a statement like this: retain and null ptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Rapidio: fixed a possible UAF Use-after-Allocation when kfifoalloc fails. If kfifoalloc fails in mportcdevopen, it jumps to errfifo and simply frees priv. However, priv is still in chdev-filelist, and traversing the list may lead...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: ubi: Fixed a race condition between ctrlcdevioctl and ubicdevioctl. Hulk Robot reported a KASAN report regarding a use-after-free issue: BUG: KASAN: use-after-free in listdelentryvalid+0x13d/0x160. A size 8 byte read at addres...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A issue was discovered in the driver/mtd/ubi/cdev.c file within the Linux kernel 6.2. There is a division-by-zero error in the dodivsz, mtd-erasesize function, which is indirectly used by ctrlcdevioctl, when mtd-erasesize is 0...
Astra Linux - уязвимость в linux-5.15, linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fixed the issue where putdevice was missing in mportcdevopen. When kfifoalloc fails, the reference count of chdev-dev remains incremented. We should use putdevice&chdev-dev to decrement the reference count of...
Astra Linux - уязвимость в linux-5.15, linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix fhidg lifetime vs cdev The embedded struct cdev does not have its lifetime correctly tied to the enclosing struct fhidg, so there is a use-after-free if /dev/hidgN is held open while the gadget is deleted...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fixed the use of memory after it is freed in lineinfochangednotify. The use-after-free issue occurs as follows: when the GPIO chip device file is closed by invoking gpiochrdevrelease, the data structure watchedLine...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: cdev – Make sure the cdev file descriptor remains active before emitting events. With the final call to fput on a file descriptor, the release action may be deferred and scheduled onto a work queue. The reference count of...
OESA-2026-2176 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh networks. In mesh networks using Wi-Fi Protected Access WPA, WPA2, or WPA3 or Wired Equivalent Privacy WEP, an adversary can exploit this vulnerability to injec...
Linux Distros Unpatched Vulnerability : CVE-2026-31606
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be...
CVE-2026-31606
A flaw was found in the Linux kernel's USB Human Interface Device HID gadget driver. When the /dev/hidg device is still open during unbind and bind operations, the character device cdev is reinitialized while still in use. This unsafe behavior can lead to a system crash, resulting in a Denial of...
DEBIAN-CVE-2026-31606
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be references to it. That's the case when the /dev/hidg device is still...
CVE-2026-31606
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be references to it. That's the case when the /dev/hidg device is still...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the usb gadget fhid driver repeatedly initializing the cdev device during rebinding operations,...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013723)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013723 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix fhidg lifetime vs cdev The embedded struct cdev does not have its lifetime...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013551)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013551 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: devices: fix missing putdevice in mportcdevopen When kfifoalloc fails, the refcount of...