224 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Added missing error checks for clock acquisition. The acpcardrt5682init and acpcardrt5682sinit functions did not check the return values of clkget. This could lead to a kernel crash when invalid pointe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mux: mmio: Fixed the regmap leak that occurs during probe failures. The regmap that may be allocated during a probe is never released. We have switched to using the device-managed allocator, so that the regmap is released during...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SDCA: Fixed errors in IRQ cleanup. IRQs are enabled through sdcairqpopulate from the component probe using devmrequestthreadedirq. However, this means that IRQs may persist if the sound card is removed. Some of the IRQ...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: The second sensor, hi3660, was removed. The commit 74c8e6bffbe1 “driver core: Add allocsize hint to devm allocators” exposes a panic “BRK handler: Fatal exception” during the hi3660thermalprobe function. Thi...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/tests: helpers: Avoid a driver UAF When using drmkunithelperallocdrmdevice, the driver may be referenced by device-managed resources until the device is freed. This typically happens later than when the kunit-managed resource...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference to usbgetdev is not released during the gpiompsseprobe error paths. This issue was fixed by using device-managed helper functions. Additionally, the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ALSA: ymfpci: Created a card with the device-managed snddevmcardnew function. The sndcardymfpciremove function was removed in commit c6e6bb5eab74 “ALSA: ymfpci: Allocating resources using device-managed APIs”, but the call to...
EUVD-2026-34126
In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devmaddactionorreset failure the provided cleanup action will be run immediately on the not yet initialized kobject. This may lead to errors like: kobject: 'null' ff110001393608e0: i...
CVE-2026-46264
CVE-2026-46264 addresses a Linux kernel flaw in drm/xe/pf where an error in devm_add_action_or_reset() can cause a cleanup action to run on an uninitialized kobject during sysfs initialization. This use-after-free and kobject_put() on an uninitialized object is mitigated by ensuring proper initia...
UBUNTU-CVE-2026-45938
In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916lbc: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...
UBUNTU-CVE-2026-45936
In the Linux kernel, the following vulnerability has been resolved: power: supply: goldfish: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...
CVE-2026-45867
The CVE-2026-45867 issue affects the Linux kernel power_supply subsystem (act8945a) and is caused by a race condition: requesting the IRQ with the devm_ path before the devm_ path that registers the power_supply handle can lead to use-after-free when the IRQ fires after the power_supply object is...
PT-2026-43749
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the pm8916 bms vm component. The problem occurs because the devm variant for requesting an IRQ is used before the devm variant for allocating or...
PT-2026-43735
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak occurs in the pcs add gpio func function. The of parse phandle with args function returns a device node pointer with an incremented reference count in gpiospec.np...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: Fixed the simplification of devmspiregistercontroller. This change is reflected in commit 59ebbe40fb51 “spi: simplified devmspiregistercontroller“”. If devmaddaction fails in devmaddactionorreset, devmspiunregister will be...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason, it can lead to a double-free when unloading amd-pmf. This occurs because dev-buf was freed but never set to NULL, and then freed...
SUSE CVE-2026-43480
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...
CVE-2026-43480
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...
CVE-2026-43480
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...
Linux Distros Unpatched Vulnerability : CVE-2026-43480
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could...