47 matches found
Astra Linux - уязвимость в linux-5.10
A issue was discovered in the Linux kernel before version 6.0.11. Missing validation of the IEEE80211P2PATTRCHANNELLIST in the drivers/net/wireless/microchip/wilc1000/cfg80211.c file, within the WILC1000 wireless driver, can lead to a heap-based buffer overflow when parsing the operating channel...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fixed a memory leak in 'host1xremove'. A missing call to 'host1xchannellistfree' was added in the remove function, just as already done in the error handling path of the probe function...
CVE-2026-23226
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add channlock to protect ksmbdchannlist xarray ksmbdchannlist xarray lacks synchronization, allowing use-after-free in multi-channel sessions between lookupchannlist and ksmbdchanndel. Adds rwsemaphore channlock to struct...
UBUNTU-CVE-2026-23226
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add channlock to protect ksmbdchannlist xarray ksmbdchannlist xarray lacks synchronization, allowing use-after-free in multi-channel sessions between lookupchannlist and ksmbdchanndel. Adds rwsemaphore channlock to struct...
CVE-2026-23226
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add channlock to protect ksmbdchannlist xarray ksmbdchannlist xarray lacks synchronization, allowing use-after-free in multi-channel sessions between lookupchannlist and ksmbdchanndel. Adds rwsemaphore channlock to struct...
CVE-2026-23226
In the Linux kernel, the following vulnerability has been resolved: ksmbd: add channlock to protect ksmbdchannlist xarray ksmbdchannlist xarray lacks synchronization, allowing use-after-free in multi-channel sessions between lookupchannlist and ksmbdchanndel. Adds rwsemaphore channlock to struct...
CVE-2026-23226
CVE-2026-23226 involves a kernel vulnerability in ksmbd where the ksmbd_chann_list xarray was lacking synchronization, allowing a use-after-free in multi-channel sessions between lookup_chann_list() and ksmbd_chann_del. The provided documents confirm the root cause and the fix: the patch adds a n...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: Update the channel list in the notifier instead of using the reg worker Currently, when ath11k receives a new channel list, it processes it according to the following steps: 1. Update the new channel list and queue ...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990003)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990003 advisory. In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a memory leak in 'host1xremove' Add a missing 'host1xchannellistfree' call in th...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989131)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989131 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: handle channel mappping list correctly Currently each channel is added as...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987612)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987612 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: handle channel mappping list correctly Currently each channel is added as...
EUVD-2018-3845
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986747)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986747 advisory. In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a memory leak in 'host1xremove' Add a missing 'host1xchannellistfree' call in th...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414339)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414339 advisory. An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211P2PATTRCHANNELLIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in...
EUVD-2025-11170
Malicious code in bioql PyPI...
CVE-2025-39673
In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in pppfillforwardpath pppfillforwardpath has two race conditions: 1. The ppp-channels list can change between listempty and listfirstentry, as ppplock is not held. If the only channel is deleted in...
UBUNTU-CVE-2025-39673
In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in pppfillforwardpath pppfillforwardpath has two race conditions: 1. The ppp-channels list can change between listempty and listfirstentry, as ppplock is not held. If the only channel is deleted in...
CVE-2025-39673 ppp: fix race conditions in ppp_fill_forward_path
In the Linux kernel, the following vulnerability has been resolved: ppp: fix race conditions in pppfillforwardpath pppfillforwardpath has two race conditions: 1. The ppp-channels list can change between listempty and listfirstentry, as ppplock is not held. If the only channel is deleted in...
CVE-2025-39673
Summary (CVE-2025-39673) : The issue is in the Linux kernel’s ppp_fill_forward_path() where two race conditions could occur in the ppp channels handling. The patch uses a lockless RCU approach: test and access the first channel with list_first_or_null_rcu(); modify channel list with RCU-variants ...
wifi: ath11k: update channel list in reg notifier instead reg worker
...