CVE-2026-43126

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA Open Sound System OSS mixer component. This vulnerability arises when pending calls to kernel control operations are not properly handled during device disconnection, leading to potential Use-After-Free UAF scenarios. A...

CVE-2026-43130

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode Commit 4fc82cd907ac "iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected" relies on pcidevisdisconnected to skip ATS...

CVE-2026-31672

A flaw was found in the Linux kernel's rt2x00usb component, which handles Wi-Fi USB devices. This issue stems from improper management of system memory allocated for USB devices. When a Wi-Fi USB device driver is unloaded without the device being physically disconnected, the system may fail to...

CVE-2026-31651

A flaw was found in the Linux kernel's mmc: vub300 driver. This vulnerability allows a local attacker to trigger a NULL-pointer dereference or use-after-free condition during device disconnection. Successful exploitation could lead to a system crash, resulting in a denial of service...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003707 advisory. An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures...

EUVD-2017-18589

Malware in sbrugna...

EUVD-2025-11265

Malicious code in bioql PyPI...

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.

...

media: streamzap: fix race between device disconnection and urb callback

...

CVE-2022-49974 HID: nintendo: fix rumble worker null pointer deref

In the Linux kernel, the following vulnerability has been resolved: HID: nintendo: fix rumble worker null pointer deref We can dereference a null pointer trying to queue work to a destroyed workqueue. If the device is disconnected, nintendohidremove is called, in which the rumblequeue is destroye...

SUSE CVE-2025-22027

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...

CVE-2025-22027

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...

CVE-2025-22027 media: streamzap: fix race between device disconnection and urb callback

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...

CVE-2025-22027

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...

CVE-2025-22027 media: streamzap: fix race between device disconnection and urb callback

In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between device disconnection and urb callback Syzkaller has reported a general protection fault at function irraweventstorewithfilter. This crash is caused by a NULL pointer dereference of dev-raw...

CVE-2025-22027

CVE-2025-22027 affects the Linux kernel, specifically the media: streamzap component. The issue is a race between device disconnection and urb callback that leads to a NULL pointer dereference of dev->raw in ir_raw_event_store_with_filter, even though NULL checks exist in the function. The roo...

Linux Distros Unpatched Vulnerability : CVE-2022-49297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nbd: fix io hung while disconnecting device In our tests, qemu-nbd triggers a io hung: INFO: task qemu- nbd:11445 blocked for more than 368 seconds. Not tainted...

CVE-2024-26891

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected For those endpoint devices connect to system via hotplug capable ports, users could request a hot reset to the device by flapping device's link through...

SUSE CVE-2023-52475

In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermateconfigcomplete syzbot has found a use-after-free bug 1 in the powermate driver. This happens when the device is disconnected, which leads to a memory free from the powermatedevice...

CVE-2023-52475

In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermateconfigcomplete syzbot has found a use-after-free bug 1 in the powermate driver. This happens when the device is disconnected, which leads to a memory free from the powermatedevice...