EUVD-2026-38847

In the Linux kernel, the following vulnerability has been resolved: net: psp: check for device unregister when creating assoc pspassocdevicegetlocked obtains a pspdev reference via pspdevgetforsock which uses pspdevtryget under RCU; it then acquires psd-lock and drops the reference. Before the lo...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: hwmon: axi-fan-control Fixed a possible NULL pointer dereferencing issue. axifancontrolirqhandler, which depends on the private axifancontroldata structure, might be called before the hwmon device is registered. This could lead t...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hns: Fixed a possible memory leak in hnaeaeregister. When a fault is injected during module probing, if deviceregister fails, but the refcount of the kobject is not decreased to 0, the name allocated in devsetname may be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fixed the kernel panic caused by incorrect error handling. The error path when failing to register devices on the TEE bus contains a bug that leads to kernel panic. The details are as follows: 15.398930 Unable to hand...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: In hcildisc,serdev, a failure in checking percpuinitrwsem. syzbot reports a NULL pointer dereferencing at hciuartttyclose. For rcusyncenter, rcusyncinit is called without calling hciuartttyopen, as hciuartttyopen...

CVE-2026-38718

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device...

CVE-2026-38718

The CVE-2026-38718 entry describes a buffer overflow vulnerability in the device registration function of InHand Networks IR912 and IR915 devices (versions including V1.0.0.r20042 and earlier). The underlying issue is a buffer overflow in the registration process, which could allow an attacker to...

CVE-2026-38718

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device...

CVE-2026-38718

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device...

EUVD-2026-37921

InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device...

Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded

Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an "external" threat actor launched a brute-force attack agains...

SUSE CVE-2026-46109

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...

SUSE CVE-2026-46083

In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup if spisetup fails while registering a device to avoid leaking any resources allocated by setup...

CVE-2026-45883

A flaw was found in the Linux kernel, specifically within the iio: sca3000 module. This resource management vulnerability occurs when the iiodeviceregister function fails, as a system resource spi-irq is not properly released. This oversight can lead to a resource leak, potentially impacting syst...

CVE-2026-46083

A flaw was found in the Linux kernel. This vulnerability occurs when the spisetup function fails during the registration of a device, leading to improper cleanup and subsequent resource leaks. This can result in a denial of service DoS due to the exhaustion of system resources...

EUVD-2026-32349

In the Linux kernel, the following vulnerability has been resolved: iio: sca3000: Fix a resource leak in sca3000probe spi-irq from requestthreadedirq not released when iiodeviceregister fails. Add an return value check and jump to a common error handler when iiodeviceregister fails...

CVE-2026-46083

In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup if spisetup fails while registering a device to avoid leaking any resources allocated by setup...

CVE-2026-45883

In the Linux kernel, the following vulnerability has been resolved: iio: sca3000: Fix a resource leak in sca3000probe spi-irq from requestthreadedirq not released when iiodeviceregister fails. Add an return value check and jump to a common error handler when iiodeviceregister fails...

UBUNTU-CVE-2026-45883

In the Linux kernel, the following vulnerability has been resolved: iio: sca3000: Fix a resource leak in sca3000probe spi-irq from requestthreadedirq not released when iiodeviceregister fails. Add an return value check and jump to a common error handler when iiodeviceregister fails...

CVE-2026-46083

CVE-2026-46083 concerns the Linux kernel SPI subsystem. The description indicates a fix for resource leaks that occur when a device is being set up and spi_setup() fails during registration, requiring a call to controller cleanup() to avoid leaking resources allocated by setup(). OpenSUSE/SUSE ad...