CVE-2026-45956

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv-vididev for ctx lookup in vidiconnectionioctl vidiconnectionioctl retrieves the driverdata from drmdev-dev to obtain a struct vidicontext pointer. However, drmdev-dev is the exynos-drm master device, an...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: uio: uiodmemgenirq: Fixed an issue where the unlock operation was missed in irq configuration. The commit b74351287d4b “uio: fixed a bug in uiodmemgenirqirqcontrol”. corrected the code so that disableirq was called without...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: s390/vfio-ap: fixed a memory leak in the vfioap device driver. The device release callback function calls the devgetdrvdata function to retrieve the pointer to the vfiomatrixdev object in order to free its memory. The problem ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a possible memory leak when registering the ‘hctx’ variable failed. There is one issue that arises during fault injection tests: An unreferenced object: 0xffff888132a9f400 size 512. The following operations were...

Astra Linux - уязвимость в linux

A out-of-bounds memory write flaw was discovered in the listdevices function within drivers/md/dm-ioctl.c in the Multi-device driver module of the Linux kernel before version 5.12. A bound check failure allows an attacker with special user CAPSYSADMIN privileges to gain access to out-of-bounds...

CVE-2026-43430

A flaw was found in the Linux kernel's yurex USB driver. A race condition occurs during the device probing process, where internal descriptor data can be overwritten before proper initialization. This vulnerability could lead to data corruption or unexpected system behavior, impacting the stabili...

CVE-2026-43426 usb: renesas_usbhs: fix use-after-free in ISR during device removal

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: fix use-after-free in ISR during device removal In usbhsremove, the driver frees resources including the pipe array while the interrupt handler usbhsinterrupt is still registered. If an interrupt fires after...

USN-8258-1: Linux kernel (Azure) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

CVE-2026-43082

CVE-2026-43082 affects the Linux kernel net: txgbe component. The issue arises from how property_entry lists are terminated: the driver allocated exactly the number of entries used and did not reserve space for the terminating empty entry. The fix updates the struct definition of property_entry t...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the TMU device driver managing power state and clocking within the context of original spinlocks,...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A vulnerability related to out-of-bounds memory access was discovered in the Linux kernel’s TUN/TAP device driver functionality. This vulnerability occurs when a user generates a malicious excessively large network packet while napi frags is enabled. This flaw allows a local user to cause a syste...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

A race condition was detected in the Linux kernel’s media/xc4000 device driver, specifically in the xc4000getfrequency function. This can lead to a return value overflow issue, potentially causing malfunctions or denial-of-service problems...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: phy: Fixed a null-ptr-deref issue when the probe function failed. I received a report of a null-ptr-deref issue during the fault injection test. Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000058 Oops:...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/msm/dp: The struct dppanel’s connector should be populated properly. In the DP CTS test case 4.2.2.6, the edid has a valid value but a bad checksum. It is expected that the DP source returns a correct checksum. During the...

EUVD-2026-24849

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue UAF There is a teardown order issue in the driver. The SPI controller is registered using devmspiregistercontroller, which delays unregistration of the SPI controller until after the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013665 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoke...

USN-8184-1: Linux kernel (Real-time) vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

Linux Distros Unpatched Vulnerability : CVE-2026-23446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports task hung in rpmresume This is caused by aqc111suspend calling the PM variant of its...

Linux Kernel Analog Device Driver Improper Validation of Array Index Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of...