CVE-2026-43340

A flaw was found in the comedi subsystem of the Linux kernel. This vulnerability arises when a comedidevice is reattached to different low-level drivers using the COMEDIDEVCONFIG ioctl command. A local user with appropriate privileges could exploit this by repeatedly attaching the device, leading...

CVE-2026-43340

In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the COMEDI subsystem. It contains a member spinlock containing a spin-lock...

CVE-2026-43340

Summary (CVE-2026-43340): The Linux kernel COMEDI subsystem contains a spinlock (dev->spinlock) in struct comedi_device that can be reinitialized when a COMEDI device is reattached to different low-level drivers via COMEDI_DEVCONFIG. This race can occur if multiple drivers with different lockd...

Linux Distros Unpatched Vulnerability : CVE-2026-43340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: Reinit dev-spinlock between attachments to low-level drivers struct comedidevice is the main controlling structure for a COMEDI device created by the...

CVE-2026-31749

A flaw was found in the niatmio16d driver within the Comedi Comedi is a collection of drivers for data acquisition equipment subsystem of the Linux kernel. This vulnerability occurs when an error during the driver's attach process causes the cleanup function atmio16ddetach to be called with...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: The issue related to comedi: a race between polling and detaching the device has been fixed. The syzbot report indicates a use-after-free in the comedi module. This occurs because comedi happily removes the allocated async area,...

CVE-2025-39686 comedi: Make insn_rw_emulate_bits() do insn->n samples

In the Linux kernel, the following vulnerability has been resolved: comedi: Make insnrwemulatebits do insn-n samples The insnrwemulatebits function is used as a default handler for INSNREAD instructions for subdevices that have a handler for INSNBITS but not for INSNREAD. Similarly, it is used as...

CVE-2025-38529

In the Linux kernel, the following vulnerability has been resolved: comedi: aioiiro16: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: if 1 options1 & 0xdcfc However, it-optionsi is an unchecked int value from userspace, so the shift amount could ...

CVE-2025-38480 comedi: Fix use of uninitialized data in insn_rw_emulate_bits()

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insnrwemulatebits For Comedi INSNREAD and INSNWRITE instructions on "digital" subdevices subdevice types COMEDISUBDDI, COMEDISUBDDO, and COMEDISUBDDIO, it is common for the subdevice drive...

PT-2025-35960

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free flaw within the comedi subsystem. This issue occurs due to the removal of allocated asynchronous areas while poll requests are still active,...

PT-2025-33573

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s comedi subsystem, specifically within the pcl812 driver. An unchecked integer value, it-options1, received from userspace, can lead to a bit shift...

PT-2025-33572

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the comedi subsystem, specifically within the aio iiro 16 driver. An unchecked integer value from userspace, it-options1, is used as a shift amount ...

PT-2025-31076

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The insn rw emulate bits function within the Comedi subsystem does not properly handle cases where insn-n is 0 for INSN READ and INSN WRITE instructions. This can lead to the function...

PT-2025-31078

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s comedi subsystem, specifically within the das6402 driver. An unchecked integer value, it-options1, received from userspace, can lead to a bit shift...

PT-2025-36280

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the comedi subsystem, specifically within the pcl726 driver. An invalid interrupt request IRQ number, such as 0x80008000, could be passed to the syste...

PT-2025-36281

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The insn rw emulate bits function, used as a default handler for INSN READ and INSN WRITE instructions in the comedi subsystem, does not correctly handle multiple samples as indicated by...