EUVD-2026-32462

In the Linux kernel, the following vulnerability has been resolved: rbd: fix null-ptr-deref when deviceadddisk fails dorbdadd publishes the device with deviceadd before calling deviceadddisk. If deviceadddisk fails after deviceadd succeeds, the error path calls rbdfreedisk directly and then later...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: chips-media: wave5: Fixed the device cleanup order to prevent kernel panic. The process of unregistering video devices has been moved to the beginning of the remove function. This ensures that all video operations are...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: igbvf: fixed a double-free in igbvfprobe. In igbvfprobe, if registernetdev fails, the program will proceed to label errHWinit, and then to label errioremap. In freenetdev, which occurs just below label errioremap, there are...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: “sh: push-switch: Reorder cleanup operations to avoid use-after-free bug” The original code placed “flushwork” before “timershutdownsync” in “switchdrvremove”. Although we use “flushwork” to stop the worker, it could be reschedul...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bonding: An oops occurred during the rmmod operation. The command “rmmod bonding” causes an oops since the commit with the code change cc317ea3d927” „bonding: remove the redundant NULL check in the debugfs function”. The followin...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix cleanup of CT before cleanup of TC ct rules CT cleanup assumes that all tc rules were deleted first. Therefore, it is possible to delete the CT shared resources e.g., draction and fwdaction, which are shared...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fixed the erroneous cleanup order. There is a logical error when removing the rt5645 device. The function rt5645i2cremove first cancels the &rt5645-jackdetectwork and then deletes the &rt5645-btnchecktimer. However,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021644 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial pfn mappings around in error case As Jann points out, PFN mappings are...

SUSE CVE-2026-43229

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

Linux Distros Unpatched Vulnerability : CVE-2026-43229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure a...

CVE-2026-43229

A flaw was found in the chips-media wave5 driver within the Linux kernel. An incorrect device cleanup order allows the kernel's worker thread to attempt reading from powered-off hardware. This can occur when the system enters autosuspend mode, leading to a bus error and a kernel panic. This...

EUVD-2026-27792

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

EUVD-2026-27738

In the Linux kernel, the following vulnerability has been resolved: procfs: fix possible double mmput in doprocmapquery When user provides incorrectly sized buffer for build ID for PROCMAPQUERY we return with -ENAMETOOLONG error. After recent changes this condition happens later, after we unlocke...

PT-2026-37569

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

PT-2026-37517

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A runtime power management RPM reference leak exists in the Linux kernel. In the ipu6 pci probe function, several error paths jump directly to out ipu6 bus del devices without releasing...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/a6xx: Avoid a nullptr dereference when the speedbin setting fails Calling a6xxdestroy before adrenogpuinit leads to a null pointer dereference on msmgpucleanup: platformsetdrvdatagpu-pdev, NULL; This occurs because...

WWBN AVideo 跨站脚本漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 26.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from a flaw in the order of cleaning operations for the about field in user profiles, which...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005734)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005734 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Free resources after unregistering them The DP component's unbind operation walks...

EUVD-2026-5887

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix race in nvmetbiodone leading to NULL pointer dereference There is a race condition in nvmetbiodone that can cause a NULL pointer dereference in blkcgroupbiostart: 1. nvmetbiodone is called when a bio completes 2...

CVE-2026-23132

CVE-2026-23132 : Linux kernel vulnerability in the dw-dp bridge (drm/bridge: synopsys: dw-dp) resolved. The issue concerned error handling in dw_dp_bind(), with three problems: (1) Missing return after drm_bridge_attach() failure, causing continued execution; (2) Resource leak where drm_dp_aux_un...