CVE-2026-45956

The CVE-2026-45956 entry concerns the Linux kernel DRM Exynos driver (vidi) where vidi_connection_ioctl() incorrectly reads driver_data from drm_dev->dev, which points to the exynos-drm master device rather than the vidi component device. This mismatch can trigger null pointer dereferences, ga...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: uio: uiodmemgenirq: Fixed an issue where the unlock operation was missed in irq configuration. The commit b74351287d4b “uio: fixed a bug in uiodmemgenirqirqcontrol”. corrected the code so that disableirq was called without...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: Error handling in the inittask during loading was fixed. If the inittask fails during driver loading, we end up with no vports and netdevs, effectively failing the entire process. In that state, a subsequent reset will resu...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: s390/vfio-ap: fixed a memory leak in the vfioap device driver. The device release callback function calls the devgetdrvdata function to retrieve the pointer to the vfiomatrixdev object in order to free its memory. The problem ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a possible memory leak when registering the ‘hctx’ variable failed. There is one issue that arises during fault injection tests: An unreferenced object: 0xffff888132a9f400 size 512. The following operations were...

Astra Linux - уязвимость в linux

A out-of-bounds memory write flaw was discovered in the listdevices function within drivers/md/dm-ioctl.c in the Multi-device driver module of the Linux kernel before version 5.12. A bound check failure allows an attacker with special user CAPSYSADMIN privileges to gain access to out-of-bounds...

CVE-2026-43430

A flaw was found in the Linux kernel's yurex USB driver. A race condition occurs during the device probing process, where internal descriptor data can be overwritten before proper initialization. This vulnerability could lead to data corruption or unexpected system behavior, impacting the stabili...

CVE-2026-43426 usb: renesas_usbhs: fix use-after-free in ISR during device removal

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: fix use-after-free in ISR during device removal In usbhsremove, the driver frees resources including the pipe array while the interrupt handler usbhsinterrupt is still registered. If an interrupt fires after...

USN-8258-1: Linux kernel (Azure) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

CVE-2026-43082

CVE-2026-43082 affects the Linux kernel net: txgbe component. The issue arises from how property_entry lists are terminated: the driver allocated exactly the number of entries used and did not reserve space for the terminating empty entry. The fix updates the struct definition of property_entry t...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the TMU device driver managing power state and clocking within the context of original spinlocks,...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A vulnerability related to out-of-bounds memory access was discovered in the Linux kernel’s TUN/TAP device driver functionality. This vulnerability occurs when a user generates a malicious excessively large network packet while napi frags is enabled. This flaw allows a local user to cause a syste...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

A race condition was detected in the Linux kernel’s media/xc4000 device driver, specifically in the xc4000getfrequency function. This can lead to a return value overflow issue, potentially causing malfunctions or denial-of-service problems...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: phy: Fixed a null-ptr-deref issue when the probe function failed. I received a report of a null-ptr-deref issue during the fault injection test. Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000058 Oops:...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/dp: The struct dppanel’s connector should be populated properly. In the DP CTS test case 4.2.2.6, the edid has a valid value but a bad checksum. It is expected that the DP source returns a correct checksum. During the...

EUVD-2026-24849

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue UAF There is a teardown order issue in the driver. The SPI controller is registered using devmspiregistercontroller, which delays unregistration of the SPI controller until after the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013665 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoke...

USN-8184-1: Linux kernel (Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

Linux Distros Unpatched Vulnerability : CVE-2026-23446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports task hung in rpmresume This is caused by aqc111suspend calling the PM variant of its...

Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of...