470 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - clk: spacemit: ccumix: fix inverted condition in ccumixtriggerfc Fix inverted condition that skips frequency change trigger, causing kernel panics during cpufre...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq/longhaul: handled NULL policy in longhaulexit The longhaulexit function was calling cpufreqcpuget0 without checking for a NULL policy pointer. On some systems, this could lead to a NULL derefrence and a kernel warning or...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: Using the kobject release method to free dbsdata The struct dbsdata contains a struct govattrset, and the struct govattrset contains a kobject. Since every kobject must have a release method, and we cannot...
CLSA-2026-1779434490 kernel: Fix of 100 CVEs
tracing: Verify event formats that have "%p.." CVE-2025-37938 - HID: pidff: Fix null pointer dereference in pidfffindfields CVE-2025-37862 - scsi: st: Fix array overflow in stsetup CVE-2025-37857 - drm/amdkfd: debugfs hanghws skip GPU with MES CVE-2025-37853 - mm/vmscan: don't try to reclaim...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: cpufreq: pmac32-cpufreq: Fixed the refcount leak issue. In pmaccpufreqinitMacRISC3, we need to add the corresponding ofnodeput function for the three node pointers whose refcount has been incremented by offindnodebyname...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: cpufreq: The completion function is called before kobjectinitandadd. In cpufreqpolicyalloc, the uninitialized completion function is called in cpufreqsysfsrelease when kobjectinitandadd fails. This will cause a crash, such as a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate-ut: Fixed a kernel panic that occurred when loading the driver. After loading the amd-pstate-ut driver, the functions amdpstateutcheckperf and amdpstateutcheckfreq use cpufreqcpuget to obtain the CPU’s policy...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel error caused by a write operation in read-only memory: 9.068287 Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release method to free sugovtunables The struct sugovtunables is protected by the kobject, so we cannot free it directly. Otherwise, we would receive a call trace like this: ODEBUG: free active...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A crash occurred during the disabling of turbo mode. When the system is booted with the kernel command line arguments “nosmt” or “maxcpus” to limit the number of CPUs, disabling turbo mode by executing: echo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fixed the global sysfs attribute type. In commit 3666062b87ec “cpufreq: amd-pstate: move to use busgetdevroot”, the “amdpstate” attributes were moved from a dedicated kobject to the root kobject. While the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A NULL pointer dereference occurred in the updatecpuqosrequest function. The updatecpuqosrequest function attempts to initialize the freq variable by dereferencing cpudata before verifying whether the policy...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Fixed the ref counting in cpufreqpolicy. The function amdpstateupdatelimits takes a reference to cpufreqpolicy, but does not decrement the reference count during one of the exit paths. This issue has been fixe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: A memory leak has been fixed in qcomcpufreqhwreadlut. If qcomcpufreqhwreadlut fails to obtain the operation table, the program will terminate, resulting in the “table” resource not being released...
CVE-2026-43328
A flaw was found in the Linux kernel's cpufreq governor. An error in the cpufreqdbsgovernorinit function's cleanup path, specifically when kobjectinitandadd fails, causes a double free of memory. This memory corruption vulnerability can be exploited by a local attacker, potentially leading to...
SUSE CVE-2026-43328
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
EUVD-2026-28707
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
EUVD-2026-28612
In the Linux kernel, the following vulnerability has been resolved: cpufreq: governor: fix double free in cpufreqdbsgovernorinit error path When kobjectinitandadd fails, cpufreqdbsgovernorinit calls kobjectput&dbsdata-attrset.kobj. The kobject release callback cpufreqdbsdatarelease calls...
CVE-2026-43401
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
CVE-2026-43401 cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...