469 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: “comedi”: checking the attached status of a device in compatible IOCTLs. Syzbot identified a issue 1 that causes the kernel to crash, seemingly due to the absence of the callback dev-getvalidroutes. This should never happen, as t...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fixed invalid PNP driver unregistration The Comedi low-level driver “c6xdigio” appears to be for a parallel port-connected device. When the Comedi core calls the driver’s “attach” handler c6xdigioattach to...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: Sanitize configuration options in multiq3attach Syzbot identified an issue 1 in multiq3attach, which can cause a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fixed the null-ptr-deref in pcl818aicancel Syzbot identified an issue 1 in pcl818ai Cancel, which stems from the fact that in case of early device detachment via pcl818detach, subdevice dev-readsubdev may not have...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed the bulk-buffer overflow issue. The driver uses buffers sized equal to the endpoint size, but it should not assume that the tx and rx buffers have the same size. A malicious device could cause the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: comedi: A memory leak has been fixed in compatinsnlist. compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl function when CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: comedi: dt9812 – fixed DMA buffers on the stack. USB transfer buffers are typically mapped for DMA operations, and they must not be allocated on the stack; otherwise, transfers will fail. Proper transfer buffers should be...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: “comedi: runflags cannot determine whether to reclaim chanlist” The syzbot reported a memory leak 1. This was because commit 4e1da516debb “comedi: Add reference counting for Comedi command handling” did not account for the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: comedi: niusb6501: fixed NULL dereferencing in command paths. The driver uses USB transfer buffers of the endpoint size, but there were no sanity checks on their sizes. This can lead to dereferencing of zero-size pointers or...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fixed incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some issues may still go unnoticed. Depending on the hardware model, URBs can have either bulk or interrupt types, and the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: comedi: vmk80xx: fixed transfer-buffer overflows The driver uses USB transfer buffers sized at the endpoint level, but until recently, there were no sanity checks on these buffer sizes. The commit e1f13c879a7c “staging: comedi...
SUSE CVE-2026-43340
In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...
CVE-2026-43340
A flaw was found in the comedi subsystem of the Linux kernel. This vulnerability arises when a comedidevice is reattached to different low-level drivers using the COMEDIDEVCONFIG ioctl command. A local user with appropriate privileges could exploit this by repeatedly attaching the device, leading...
EUVD-2026-28624
In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...
CVE-2026-43340
In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...
UBUNTU-CVE-2026-43340
In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...
CVE-2026-43340
In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...
CVE-2026-43340 comedi: Reinit dev->spinlock between attachments to low-level drivers
In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...
CVE-2026-43340
In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...
CVE-2026-43340
Summary (CVE-2026-43340): The Linux kernel COMEDI subsystem contains a spinlock (dev->spinlock) in struct comedi_device that can be reinitialized when a COMEDI device is reattached to different low-level drivers via COMEDI_DEVCONFIG. This race can occur if multiple drivers with different lockd...