253 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53161
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: fastrpc: fix use-after-free of fastrpcuser in workqueue context There is a race between fastrpcdevicerelease and the workqueue that processes DSP response...
EUVD-2026-39895
In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...
CVE-2026-53290 drm/xe/eustall: Fix drm_dev_put called before stream disable in close
In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...
EUVD-2026-39252
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-free of fastrpcuser in workqueue context There is a race between fastrpcdevicerelease and the workqueue that processes DSP responses. When the user closes the file descriptor, fastrpcdevicerelease fre...
CVE-2026-53161
The CVE-2026-53161 entry concerns a use-after-free in the Linux kernel fastrpc subsystem. A race between fastrpc_device_release() (on file close) and the workqueue processing DSP responses can free the fastrpc_user while an in-flight DSP invocation is completing, leading to dereferencing freed co...
CVE-2026-53161 misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context
In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-free of fastrpcuser in workqueue context There is a race between fastrpcdevicerelease and the workqueue that processes DSP responses. When the user closes the file descriptor, fastrpcdevicerelease fre...
PT-2026-52252
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Use-after-free bugs exist in the error paths of the nvmem core. The issue occurs when the nvmem device put function is called, potentially freeing underlying memory and resources, while...
PT-2026-52257
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between fastrpc device release and the workqueue processing DSP responses. When a user closes a file descriptor, fastrpc device release frees the fastrpc user...
CVE-2026-53025
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...
CVE-2026-53025 greybus: raw: fix use-after-free on cdev close
In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...
CVE-2026-53025
Summary of CVE-2026-53025 : The Linux kernel’s Greybus raw subsystem is affected by a use-after-free when a raw bundle is disconnected while its chardev remains open, leading to a kernel panic and potential DoS. The issue occurs because the cdev can be released after freeing memory, creating an i...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fixed the handling of device lifecycle in cssallocsubchannel. cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel...
PT-2026-51919
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the greybus raw component. The problem occurs when a raw bundle is disconnected while its character device chardev remains open by an application. Becaus...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: mdio: Fixed an unbalanced fwnode reference count in mdiodevicerelease. There is a warning report regarding a refcount leak when probing the mdio device: OF: Error: Memory leak; the expected refcount was 1 instead of 2. The...
CVE-2026-46283 tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()
In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...
EUVD-2026-35148
In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tpmdevrelease function not properly releasing the authentication session using kfreesensitive,...
EUVD-2026-32792
In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace period. So, either in an RCU call or after the synchronizenet. The...
EUVD-2026-32789
In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls auxiliarydeviceuninit&sfdev-adev. The device release callback icesfdevrelease frees sfdev, but th...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a count leak in the usbdev driver of the ALSA caiaq library. This vulnerability may lead to devic...