463 matches found
CLSA-2026-1779434490 kernel: Fix of 100 CVEs
tracing: Verify event formats that have "%p.." CVE-2025-37938 - HID: pidff: Fix null pointer dereference in pidfffindfields CVE-2025-37862 - scsi: st: Fix array overflow in stsetup CVE-2025-37857 - drm/amdkfd: debugfs hanghws skip GPU with MES CVE-2025-37853 - mm/vmscan: don't try to reclaim...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate-ut: Fixed a kernel panic that occurred when loading the driver. After loading the amd-pstate-ut driver, the functions amdpstateutcheckperf and amdpstateutcheckfreq use cpufreqcpuget to obtain the CPU’s policy...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A issue related to the lifecycle of objects in updateqosrequest has been fixed. The call to cpufreqcpuput in updateqosrequest occurs too early. This is because updateqosrequest subsequently calls...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: The exit callback is optional. The exit callback is optional, and it should not be called without first checking a valid pointer. Additionally, we must clear the freqtable pointer even if the exit callback is not present...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A crash occurred during the disabling of turbo mode. When the system is booted with the kernel command line arguments “nosmt” or “maxcpus” to limit the number of CPUs, disabling turbo mode by executing: echo...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: cpufreq: The completion function is called before kobjectinitandadd. In cpufreqpolicyalloc, the uninitialized completion function is called in cpufreqsysfsrelease when kobjectinitandadd fails. This will cause a crash, such as a...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: cppccpufreq: Fixed a possible null pointer dereferencing issue. The functions cppccpufreqgetrate and hiicppccpufreqgetrate can be called from different locations with various parameters. Therefore, cpufreqcpuget may return null a...
CVE-2026-43328
A flaw was found in the Linux kernel's cpufreq governor. An error in the cpufreqdbsgovernorinit function's cleanup path, specifically when kobjectinitandadd fails, causes a double free of memory. This memory corruption vulnerability can be exploited by a local attacker, potentially leading to...
SUSE CVE-2026-43328
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
EUVD-2026-28707
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
EUVD-2026-28612
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
CVE-2026-43401
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
CVE-2026-43401 cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
CVE-2026-43401
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
CVE-2026-43328
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
CVE-2026-43328
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
CVE-2026-43328
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
CVE-2026-43328
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectputdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
Linux Distros Unpatched Vulnerability : CVE-2026-43328
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls...
PT-2026-38979
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the cpufreq dbs governor init function error path. When the kobject init and add function fails, the system calls kobject put&dbs data-attr set.kobj, which...