182 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/ap: use generic driveroverride infrastructure When the AP masks are updated via apmaskstore or aqmaskstore, apbusrevisebindings is called after apattrmutex...
Linux Distros Unpatched Vulnerability : CVE-2026-53115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bus: fsl-mc: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock...
Linux Distros Unpatched Vulnerability : CVE-2026-53117
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/cio: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held...
EUVD-2026-38988
In the Linux kernel, the following vulnerability has been resolved: PCI: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...
EUVD-2026-38983
In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which ca...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: Driver Core: Fixed a potential deadlock in driverattach. In the driverattach function, there is also an AA deadlock issue, similar to the commit b232b02bf3c2 "Driver Core: Fix Deadlock in deviceattach". The stack trace is as...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: spi: Fixed a use-after-free issue during controller registration failures. Be sure to also deregister from the driver core in case the per-cpu statistics allocation fails during controller registration, in order to avoid...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net:mctp: Fix for device leak on probe failure The driver core holds a reference to the USB interface and its parent USB device while the interface is bound to the driver. There is no need to hold additional references unless tho...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021588)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021588 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: efifb: Register sysfs groups through driver core The driver core can register and cleanup...
UBUNTU-CVE-2026-43375
In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
CVE-2026-31688
A flaw was found in the Linux kernel's driver core. An inconsistency in enforcing the devicelock for drivermatchdevice can lead to a race condition. This issue, specifically when the driveroverride implementation is used, can result in a use-after-free UAF vulnerability. A use-after-free...
CVE-2026-31688
...
CVE-2026-31688
CVE-2026-31688 entry is rejected/not used and does not represent an active vulnerability entry.
SUSE CVE-2026-31527
In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock...
EUVD-2026-24853
In the Linux kernel, the following vulnerability has been resolved: spi: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...
CVE-2026-31527 driver core: platform: use generic driver_override infrastructure
In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock...
CVE-2026-31487
The CVE concerns the Linux kernel SPI subsystem. A flaw arises when a driver is probed via __driver_attach(): the bus match() callback is invoked without holding the device lock, allowing access to the driver_override field without proper synchronization, creating a use-after-free (UAF) risk. The...
PT-2026-34432
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the driver core platform. This occurs when a driver is probed through the driver attach function, causing the bus match callback to be called without...
com.aegisql:conveyor-configurator (>=1.5.1 <=1.5.2), com.datastax.oss.quarkus:cassandra-quarkus-client (>=1.0.1 <=1.0.4) +2043 more potentially affected by CVE-2026-22018 via org.graalvm.sdk:graal-sdk (>=21.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =21.0.0, =1.5.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.3, =1.0.1, =1.0.1, =1.0.1, =4.11.0, =1.2.0, =1.2.0, =1.4.0 and more Source cves: CVE-2026-22018 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-...
com.aegisql:conveyor-configurator (>=1.5.1 <=1.5.2), com.datastax.oss.quarkus:cassandra-quarkus-client (>=1.0.1 <=1.0.4) +2043 more potentially affected by CVE-2026-34268 via org.graalvm.sdk:graal-sdk (>=21.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =21.0.0, =1.5.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.3, =1.0.1, =1.0.1, =1.0.1, =4.11.0, =1.2.0, =1.2.0, =1.4.0 and more Source cves: CVE-2026-34268 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-...