OESA-2026-2415 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the devi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Driver: Base – Fixed UAF when driverattach fails When driverattachdrv fails, the driverprivate variable is freed. However, it was added to the bus, which caused a UAF Use-after-Allocation Fault. To fix this issue, we need to remo...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: Driver core: fixed a potential deadlock in driverattach. In the driverattach function, there is also an AA deadlock issue. For example, see the commit b232b02bf3c2 “Driver core: fix deadlock in deviceattach. The stack for this...

CVE-2026-31688

In the Linux kernel, the following vulnerability has been resolved: driver core: enforce devicelock for drivermatchdevice Currently, drivermatchdevice is called from three sites. One site deviceattachdriver holds devicelockdev, but the other two bindstore and driverattach do not. This inconsisten...

CVE-2026-31688 driver core: enforce device_lock for driver_match_device()

In the Linux kernel, the following vulnerability has been resolved: driver core: enforce devicelock for drivermatchdevice Currently, drivermatchdevice is called from three sites. One site deviceattachdriver holds devicelockdev, but the other two bindstore and driverattach do not. This inconsisten...

PT-2026-35494

In the Linux kernel, the following vulnerability has been resolved: driver core: enforce device lock for driver match device Currently, driver match device is called from three sites. One site device attach driver holds device lockdev, but the other two bind store and driver attach do not. This...

SUSE CVE-2026-31527

In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock...

CVE-2026-31487

A flaw was found in the Linux kernel, specifically within its Serial Peripheral Interface SPI subsystem. This vulnerability arises from improper handling of memory when a driver is being attached, leading to a use-after-free UAF condition. A UAF vulnerability is a type of memory corruption that c...

CVE-2026-31527

In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock...

CVE-2026-31487

In the Linux kernel, the following vulnerability has been resolved: spi: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...

PT-2026-34392

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the SPI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006687)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006687 advisory. In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driverattach failed When driverattachdrv %NASLMINLEVEL 80900 C Tenabl...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992930)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992930 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential deadlock in driverattach In driverattach function, There are also AA...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988767)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988767 advisory. In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driverattach failed When driverattachdrv %NASLMINLEVEL 80900 C Tenabl...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986649)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986649 advisory. In the Linux kernel, the following vulnerability has been resolved: driver: base: fix UAF when driverattach failed When driverattachdrv %NASLMINLEVEL 80900 C Tenabl...

EUVD-2022-55415

Malicious code in bioql PyPI...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

kernel: driver: base: fix UAF when driver_attach failed

A flaw was discovered in the Linux kernel’s device driver core. When driverattachdrv fails, the associated driverprivate structure is freed—but the driver remains registered on the bus. This leads to a use-after-free condition when the kernel subsequently references the freed driverprivate. A...

kernel: driver: base: fix UAF when driver_attach failed

A flaw was discovered in the Linux kernel’s device driver core. When driverattachdrv fails, the associated driverprivate structure is freed—but the driver remains registered on the bus. This leads to a use-after-free condition when the kernel subsequently references the freed driverprivate. A...

SUSE CVE-2022-50149

In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential deadlock in driverattach In driverattach function, There are also AA deadlock problem, like the commit b232b02bf3c2 "driver core: fix deadlock in deviceattach". stack like commit b232b02bf3c2 "driver...