Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Thermal: Core – Fix the error path in thermal zone device registration If the thermalzonedeviceregisterwithtrips function fails after registering a thermal zone device, it needs to wait for the completion of tz-removal like when...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Staging: rtl8712: fixed a potential memory leak in r871xudrvinit. In r871xudrvinit, if r8712initdrvsw fails, the memory allocated by r8712allocioqueue in r8712usbdvobjinit is not properly released. This is because no action is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: thermal/debugfs: Prevent use-after-free from occurring after cdev removal. Since thermaldebugcdevremove does not run under cdev-lock, it can run in parallel with thermal Debugcdevstateupdate. This may free the struct thermal...

UBUNTU-CVE-2026-50265

Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292...

CVE-2026-46165

A flaw was found in the Linux kernel's openvswitch vport component. This vulnerability arises during the release of tunnel ports, where a self-deadlock can occur. This prevents the vport from being properly freed and its references released, leading to a system deadlock during device removal. Suc...

UBUNTU-CVE-2026-46235

In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...

CVE-2026-46075

A flaw was found in the Linux kernel, specifically within the atmel-sha204a cryptographic hardware random number generator hwrng driver. During the device removal process, a race condition can occur where a queued callback might execute while the device is being torn down. This can lead to a...

CVE-2026-45880

The CVE-2026-45880 entry concerns the Linux kernel PCI/P2PDMA path. When vm_insert_page() fails inside p2pmem_alloc_mmap(), the code path does not call percpu_ref_put() to release the per-CPU reference of the pgmap acquired after gen_pool_alloc_owner(). As a result, memunmap_pages() can hang inde...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the PCI P2PDMA driver’s p2pmemallocmmap function. When vminsertpage fails, the per-CPU pgmap...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper order of IRQ requests and powersupply registration in the power management chip...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper order of IRQ requests and powersupply registrations in the sbs-battery power...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper order of IRQ requests and powersupply registration in the power management chip...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fixed the issue where device resources were accessed after the device was removed. This corrected potential race conditions during device removal. Previously, a scheduled task to reset a LUN could still execute...

Astra Linux - уязвимость в linux, linux-5.10

A use-after-free flaw was discovered in ncirequest in net/nfc/nci/core.c within the NFC Controller Interface NCI in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race issue while the device is being removed, leading to a privilege escalation...

Astra Linux - уязвимость в linux, linux-5.10

A vulnerability was discovered in the Linux kernel, where a use-after-free condition could occur in nouveau’s postclose handler if a device is removed. This situation occurs when removing a device—a process that isn’t common for physically removing a video card without shutting down the system...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fixed the race condition involving the deleteendpoint function and the unregistration of parent ports. The CXL subsystem establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL...

Astra Linux - уязвимость в linux-5.10, linux

A use-after-free flaw was identified due to a race between the superblock operations in the gadgetfs Linux driver. This flaw could be triggered by removing a device that is running the gadgetfs side...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: rt2x00 – Memory leak fixed when handling survey data When removing a rt2x00 device, the associated channel surveys are not freed, resulting in a memory leak that can be observed using kmemleak. The affected object is:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - For the spi: amlogic: spifc-a4 component, there is a issue where the ECC engine is not registered properly upon probe failures, and the remove callback is not executed. - The amlsfcprobe function registers the on-host NAND E...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: phy: fsl-usb: Fixed a use-after-free issue during delayed work when removing a device. The delayed work item, otgevent, is initialized in fslotgconf and scheduled under two conditions: 1. When a host controller binds to the...