560 matches found
EUVD-2026-30016
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...
CVE-2026-43480
CVE-2026-43480 concerns the Linux kernel driver for ASoC on AMD devices: acp3x-rt5682-max9836. The vuln stemmed from acp3x_5682_init() not checking the return value of clk_get(), which could lead to dereferencing a bad pointer in rt5682_clk_enable(). The fix changes clk_get() to device-managed de...
PT-2026-40687
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The acp3x 5682 init function fails to check the return value of clk get, which can lead to the dereferencing of error pointers within the rt5682 clk enable function. Recommendations Upda...
EUVD-2026-28732
In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: fix use-after-free in ISR during device removal In usbhsremove, the driver frees resources including the pipe array while the interrupt handler usbhsinterrupt is still registered. If an interrupt fires after...
EUVD-2026-27759
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pruss: Fix double free in prussclkmuxsetup In the prussclkmuxsetup, the devmaddactionorreset indirectly calls prussoffreeclkprovider, which calls ofnodeputclkmuxnp on the error path. However, after the devmaddactionorres...
CVE-2026-43196
CVE-2026-43196 affects the Linux kernel PRUSS clock multiplexer path (pruss_clk_mux_setup). The issue is a double free: devm_add_action_or_reset() path frees a resource via pruss_of_free_clk_provider(), which calls of_node_put(clk_mux_np) on error, and a second of_node_put is executed after the p...
CVE-2025-71273
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devmkmemdup in rtwsetsupportedband Simplify the code by using device managed memory allocations. This also fixes a memory leak in rtwregisterhw. The supported bands were not freed in the error path. Copied from...
CVE-2026-43095
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...
PT-2026-37405
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdca irq populate from component probe using devm request threaded irq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handle...
PT-2026-37536
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double free issue exists in the pruss clk mux setup function. The devm add action or reset function indirectly triggers pruss of free clk provider, which executes of node putclk mux np...
CVE-2026-43072
CVE-2026-43072 affects the Linux kernel drm/vc4 code path: platform_get_irq_byname() may return a negative error value, which was previously passed directly to devm_request_threaded_irq() without proper checking. The issue has been resolved in updated kernel code, and multiple OS-specific advisor...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: mtkscp: Fixed a potential double-free issue. scp-rproc is allocated using devmrprocalloc, so there is no need to explicitly free it in the remove function...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fixed a possible null-ptr-deref in vopbind. This issue could lead to a null-ptr-deref in resourcesize if platformgetresource returns NULL. Moving the call to resourcesize after devmioremapresource and checking...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ata: patapxa: Fix potential NULL pointer dereference in pxaataprobe devmioremap returns NULL on error. Currently, pxaataprobe does not check for this case, which can result in a NULL pointer dereference. Add NULL check after...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: - dmaengine: ti: edma: Add some null pointer checks to the edmaprobe. - devmkasprintf returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic-spisg: Fixed a memory leak in amlspisgprobe. In amlspisgprobe, the ctlr variable is allocated using spialloctarget/spiallochost, but the call to spicontrollerput fails in several error paths. This results in a memory...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Added a NULL pointer check in astvhubinitdev. The variable d-name, returned by devmkasprintf, could potentially be NULL. A pointer check has been added to prevent potential NULL pointer dereferencing. This is...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: gpio: mvebu: fixed the irq domain leak. Uwe Kleine-König pointed out that we still have one resource leak in the mvebu driver, which is triggered when the driver is detached. We will address this issue by implementing a custom...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hifmspi nor mspi is available If neither a "hifmspi" nor "mspi" resource is present, the driver will just early exit in probe but still return success. Apart from not doing anything...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: i2c: npcm: disable interrupt enable bit before devmrequestirq The customer reports that there is a soft lockup issue related to the i2c driver. After checking, the i2c module was doing a tx transfer and the bmc machine reboots in...