CVE-2026-43431

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is caused when there are more port registers counted ...

CVE-2026-43431

In the Linux kernel xHCI host controller driver, CVE-2026-43431 stems from a NULL pointer dereference when reading portli debugfs files. The bug occurs if xhci->max_ports counts more port registers than the number reported by Supported Protocol capabilities, which can happen when max_ports exc...

CVE-2026-43431 xhci: Fix NULL pointer dereference when reading portli debugfs files

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is caused when there are more port registers counted ...

CVE-2026-43380 hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 fix stack overflow in debugfs read The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex. The function currently passes 'data' as the...

CVE-2026-43380

CVE-2026-43380 relates to the Linux kernel hwmon driver pmbus/q54sj108a2. The q54sj108a2_debugfs_read function suffers a stack buffer overflow due to incorrect bin2hex argument usage and insufficient output buffer size, causing writes beyond the stack. A fix expands the data_char buffer to 66 byt...

CVE-2026-43380

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 fix stack overflow in debugfs read The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex. The function currently passes 'data' as the...

CVE-2026-43380

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 fix stack overflow in debugfs read The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex. The function currently passes 'data' as the...

PT-2026-39092

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs when reading portli debugfs files. This happens when the number of port registers counted in xhci-max ports exceeds the ports reported by Supported...

PT-2026-39041

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The q54sj108a2 debugfs read function contains a stack buffer overflow. This occurs because incorrect arguments are passed to the bin2hex function, where the destination and source buffer...

Linux Distros Unpatched Vulnerability : CVE-2026-43431

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xhci driver’s failure to properly handle cases where the port count exceeds the number of...

SUSE CVE-2026-43013

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: lag: Check for LAG device before creating debugfs mlx5lagdevaddmdev may return 0 success even when an error occurs that is handled gracefully. Consequently, the initialization flow proceeds to call mlx5ldevadddebugfs ev...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915: Fixed the reference counting during error capture and debugfs dump. When GuC support was added to error capture, the reference counting around the request object was broken. This issue has been fixed. The context-bas...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Added missing gfx11 MQD manager callbacks. The mqdstride function was introduced in commit 2f77b9a242a2 "drm/amdkfd: Update MQD management on multi XCC setup", but it wasn’t assigned to gfx11. This issue is fixed by...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: Base: dd: Fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must have the dput function called upon it. Otherwise, a memory leak will occur over time. To simplify things,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: thermal/debugfs: Two locking issues have been fixed regarding the thermal zone debug. With the current locking mechanism for thermal zones in the debugfs code, user space can open the “mitigations” file for a thermal zone befo...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Prohibit deactivating all links. In the internal API, this triggers a WARN message, but that should remain as it is—we want to be aware of bugs that might cause this issue. We prevent the deactivation of all link...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: mmp2: The pmgenpdinit function is called only after genpd.name is set. Setting the name of the struct device associated with genpd using devsetname occurs within pmgenpdinit. If this value remains NULL, problems can arise...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp – Fix for a crash that occurs when rebinding the ccp device. When CONFIGCRYPTODEVCCPDEBUGFS is enabled, rebinding the ccp device causes the following crash: bash $ echo '0000:0a:00.2' /sys/bus/pci/drivers/ccp/unbind $...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: PM: EM: fixed a memory leak caused by using debugfslookup. When calling debugfslookup, the result must have had dput called on it; otherwise, memory will leak over time. To simplify things, simply call debugfslookupandremove, whi...