58 matches found
EUVD-2026-27722
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: plfxlc: Removed an erroneous assertion in plfxlcmacrelease The plfxlcmacrelease function includes an assertion that checks whether mac-lock is held. This assertion is incorrect, because even if it were possible, it would no...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
A use-after-free flaw was discovered in r592remove in drivers/memstick/host/r592.c, responsible for media access in the Linux kernel. This flaw allows a local attacker to crash the system upon device disconnection, potentially leading to a kernel information leak...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Input: powermate – fixed a use-after-free in powermateconfigComplete. Syzbot has identified a use-after-free bug 1 in the powermate driver. This occurs when the device is disconnected, causing memory related to the powermatedevic...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: HID: logitech-hidpp: Fixed a kernel crash when the USB connection is disconnected. The function hidppconnectevent experiences four times-of-check versus-time-of-use TOCTOU races. This race occurs when hidppconnectevent is...
CVE-2026-31760
In the Linux kernel, the following vulnerability has been resolved: gpib: lpvousb: fix memory leak on disconnect The driver iterates over the registered USB interfaces during GPIB attach and takes a reference to their USB devices until a match is found. These references are never released which...
CVE-2026-31760 gpib: lpvo_usb: fix memory leak on disconnect
In the Linux kernel, the following vulnerability has been resolved: gpib: lpvousb: fix memory leak on disconnect The driver iterates over the registered USB interfaces during GPIB attach and takes a reference to their USB devices until a match is found. These references are never released which...
CVE-2026-23291
A flaw was found in the Linux kernel's nfc: pn533 driver. When a device is disconnected, a reference count on the USB interface is not properly dropped, leading to a dangling reference. This resource management issue may lead to system instability or a denial of service DoS...
CVE-2026-23291
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up b...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable()
A use-after-free flaw was found in Multipath TCP in the Linux kernel in net/mptcp/ctrl.c:mptcpactiveenablecode due to concurrency problem. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable()
A use-after-free flaw was found in Multipath TCP in the Linux kernel in net/mptcp/ctrl.c:mptcpactiveenablecode due to concurrency problem. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
CVE-2025-71158
The CVE-2025-71158 issue is in the Linux kernel gpio: mpsse driver, where an IRQ worker running during device unplug could crash. The root cause is insufficient teardown of the worker list on disconnect; a spinlock was introduced to protect the worker list and ensure tear-down during hot-unplug. ...
CVE-2025-68822 Input: alps - fix use-after-free bugs caused by dev3_register_work
In the Linux kernel, the following vulnerability has been resolved: Input: alps - fix use-after-free bugs caused by dev3registerwork The dev3registerwork delayed work item is initialized within alpsreconnect and scheduled upon receipt of the first bare PS/2 packet from an external PS/2 device...
kernel: media: rc: fix races with imon_disconnect()
A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...
CVE-2025-40223
In the Linux kernel, the following vulnerability has been resolved: most: usb: Fix use-after-free in hdmdisconnect hdmdisconnect calls mostderegisterinterface, which eventually unregisters the MOST interface device with deviceunregisteriface-dev. If that drops the last reference, the device core...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Staging: GPIB – Fixed an Oops after disconnection in agilent USB. If the agilent USB dongle is disconnected, subsequent calls to the driver will cause a NULL dereference Oops, as the businterface is set to NULL upon disconnection...
EUVD-2022-54930
In the Linux kernel, the following vulnerability has been resolved: nbd: fix io hung while disconnecting device In our tests, "qemu-nbd" triggers a io hung: INFO: task qemu-nbd:11445 blocked for more than 368 seconds. Not tainted 5.18.0-rc3-next-20220422-00003-g2176915513ca 884 "echo 0...
EUVD-2023-43826
Malicious code in bioql PyPI...
EUVD-2025-11255
Malicious code in bioql PyPI...