157 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-45866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fixed a NULL pointer dereferencing issue when removing debugfs. We now remove the debugfs entries of the device when unbinding the driver. This now causes a NULL-pointer dereference at the end of the module’s...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: can: j1939: The j1939sessionactivate function may fail if the device is no longer registered. The syzbot still reports: unregisternetdevice: Waiting for vcan0 to become available. Usage count: 2. Even after committing the change...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: GPU: host1x – Fixed memory leak related to device names The device names allocated by devsetname need to be freed before module unloading. However, this cannot be done because the reference count of the kobject, set during...
CVE-2026-43167
A flaw was found in the Linux kernel's xfrm subsystem, which handles IPsec Internet Protocol Security transformations. This vulnerability is caused by a reference count leak in xfrmstate objects when a network device is unregistered. An attacker with local access and privileges to configure netwo...
EUVD-2026-27743
In the Linux kernel, the following vulnerability has been resolved: gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO controller, the exported attribute will remain under /sys/class/gpio because once we remove the pare...
CVE-2026-43167
In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that "struct xfrmstate" refcount is leaking. unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 2 reftracker:...
PT-2026-37521
In the Linux kernel, the following vulnerability has been resolved: gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO controller, the exported attribute will remain under /sys/class/gpio because once we remove the pare...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to refresh states and policies during the NETDEVUNREGISTER event. This could lead to ...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: mt76: dma: fixed a memory leak in the mt76dmatxcleanup function. Fixed the memory leak caused by unregistering devices, and always cleaned up all configured rx queues during the mt76dmatxcleanup routine...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: can: bcm: Removes the proc entry when the device is not registered. syzkaller reported a warning in bcmconnect. 0 The repro calls connect for vxcan1, removes vxcan1, and calls connect with ifindex == 0. Calling connect for a BCM...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN: use-after-free in cfusbldevicenotify+0x7c9/0x870 net/caif/caifusb.c:138...
CVE-2026-43015
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...
CVE-2026-43015
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...
CVE-2026-43015 net: macb: fix clk handling on PCI glue driver removal
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...
EUVD-2026-26574
In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Move iiodeviceregister to correct location iiodeviceregister should be at the end of the probe function to prevent race conditions. Place iiodeviceregister at the end of the probe function and place...
PT-2026-36432
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platform device unregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free o...
SUSE CVE-2026-31678
In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...
CVE-2026-31678
In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...
CVE-2026-31530
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of parentport in cxldetachep cxldetachep is called during bottom-up removal when all CXL memory devices beneath a switch port have been removed. For each port in the hierarchy it locks both the port a...