104 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ice: Added the missing icedeinithw function in devlinkreinitpath. devlink-reload results in a iceinithwfailed error. Removing the ice driver causes a NULL pointer dereference issue. +0.102213 ice 0000:ca:00.0: iceinithwfailed: -1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for adev-dm.dc in amdgpudmfini have been fixed. Since adev-dm.dc in amdgpudmfini might turn out to be NULL before the call to dcenabledmubnotifications, a check is performed beforehand to ensure that...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Media: MediTech: vcodec – Fixed an oops when HEVC initialization fails. The stateless HEVC decoder saves the instance pointer in the context, regardless of whether the initialization succeeded or not. This caused a...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit. If venusprobe fails at pmruntimeputsync, it first calls hfiDestroy, and then hficoredeinit. Since hfiDestroy sets core-ops to NULL, hficoredeinit can no longer call the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k: The “clear initialized flag” for the deinitialized srng lists was cleared. In several cases, we observe kernel panics upon resuming operations due to ath11k kernel page faults. These incidents occur under the...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/meson: Reordered the driver deinit sequence to fix a use-after-free bug. Unloading the driver triggers the following KASAN warnings: +0.006275 ============================================================= +0.000029 BUG:...
CVE-2026-10635
On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...
CVE-2026-10635 Dangling memory-domain pointer (use-after-free) in Xtensa MMU page-table code on memory-domain de-init
On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...
PT-2026-49610
On Xtensa targets with CONFIG USERSPACE and CONFIG XTENSA MMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensa domain list, of active memory domains using a list node embedded inside the caller-owned struct k mem domain. When a domain is destroyed via k mem domain...
MGASA-2026-0191 Updated libxmp packages fix security vulnerabilities
CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbisdeinit CVE-2023-45680: Null pointer dereference in vorbisdeinit CVE-2023-45681: Out of bounds heap buffer write CVE-2023-45676: Multi-byte write heap buffer overflow in startdecoder CVE-2023-45677: Heap buffer out of bounds...
Updated libxmp packages fix security vulnerabilities
CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbisdeinit CVE-2023-45680: Null pointer dereference in vorbisdeinit CVE-2023-45681: Out of bounds heap buffer write CVE-2023-45676: Multi-byte write heap buffer overflow in startdecoder CVE-2023-45677: Heap buffer out of bounds...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: In rtlwifi, memory leaks and invalid access at the probe error path have been fixed. The deinitialization is performed in reverse order when the probe fails. When initswvars fails, rtldeinitcore should not be called. Thi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: fixed a memory leak in idpfvccoredeinit Make sure to free hw-lan regs. Reported by kmemleak during reset: Unreferenced object 0xff1b913d02a936c0 size 96: comm "kworker/u258:14", pid 2174, jiffies 4294958305 Hex dump first 3...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ath11k: Disable spectral scan during spectral deinit. When ath11k modules are removed using rmmod with spectral scan enabled, a crash occurs. Different crash traces are observed for each instance of the crash. Send a command to...
UBUNTU-CVE-2026-23329
In the Linux kernel, the following vulnerability has been resolved: libie: don't unroll if fwlog isn't supported The libiefwlogdeinit function can be called during driver unload even when firmware logging was never properly initialized. This led to call trace: 148.576156 Oops: Oops: 0000 1 SMP...
Linux Distros Unpatched Vulnerability : CVE-2026-23329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: libie: don't unroll if fwlog isn't supported The libiefwlogdeinit function can be called...
CVE-2026-23117
In the Linux kernel, the following vulnerability has been resolved: ice: add missing icedeinithw in devlink reinit path devlink-reload results in iceinithw failed error, and then removing the ice driver causes a NULL pointer dereference. +0.102213 ice 0000:ca:00.0: iceinithw failed: -16...
CVE-2026-23117
The CVE-2026-23117 entry concerns the Linux kernel Intel ice network driver. The issue arises during devlink-reload: ice_devlink_reinit_down() did not call ice_deinit_hw() while ice_devlink_reinit_up() calls ice_init_hw(), causing ice_init_hw() to fail with -EBUSY if control queues remain initial...
CVE-2026-23117
In the Linux kernel, the following vulnerability has been resolved: ice: add missing icedeinithw in devlink reinit path devlink-reload results in iceinithw failed error, and then removing the ice driver causes a NULL pointer dereference. +0.102213 ice 0000:ca:00.0: iceinithw failed: -16...
CVE-2026-23117 ice: add missing ice_deinit_hw() in devlink reinit path
In the Linux kernel, the following vulnerability has been resolved: ice: add missing icedeinithw in devlink reinit path devlink-reload results in iceinithw failed error, and then removing the ice driver causes a NULL pointer dereference. +0.102213 ice 0000:ca:00.0: iceinithw failed: -16...