CVE-2026-45996

In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...

CVE-2026-45996 spi: imx: fix use-after-free on unbind

In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...

CVE-2026-45996

The CVE-2026-45996 issue affects the Linux kernel SPI imx driver, where a use-after-free can occur on unbind because the SPI subsystem frees controller and subsystem data during deregistration unless the allocation is device-managed. The fix adds a reference before deregistering the controller so...

CVE-2026-45956 drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv-vididev for ctx lookup in vidiconnectionioctl vidiconnectionioctl retrieves the driverdata from drmdev-dev to obtain a struct vidicontext pointer. However, drmdev-dev is the exynos-drm master device, an...

CVE-2026-45956

The CVE affects the Linux kernel’s DRM Exynos driver (vidi) where vidi_connection_ioctl() looked up the struct vidi_context via drm_dev->dev, which held the exynos-drm master device instead of the vidi device. The root cause is using the wrong driver_data, leading to null pointer dereferences,...

PT-2026-43781

In the Linux kernel, the following vulnerability has been resolved: Revert "hwmon: ibmpex fix use-after-free in high/low store" This reverts commit 6946c726c3f4c36f0f049e6f97e88c510b15f65d. Jean Delvare points out that the patch does not completely fix the reported problem, that it in fact...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of driverdata from drmdev in the exynos-drm driver. This improper use can lead to null...

PT-2026-43863

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the SPI subsystem of the Linux kernel. The subsystem frees the controller and any allocated driver data during deregistration, unless the allocation is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Set driver data before its usage If vmclockptpregister fails during probing, vmclockremove is called to clean up the ptp clock and misc devices. This function uses devgetdrvdata to access the vmclock state. However,...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed a kernel crash during reboot when the adapter is in recovery mode. If the driver detects during the probe that the firmware is in recovery mode, then i40einitrecoverymode is called, and the rest of the probe functi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi structure. Therefore, this structure must...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and there is no .driverdata, a NULL pointer dereferencing occurs. This issue can be addressed by introduci...

SUSE CVE-2026-43259

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...

CVE-2026-43401 cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...

CVE-2026-43401

The CVE-2026-43401 issue affects the Linux kernel's intel_pstate component. A NULL pointer dereference can occur in update_cpu_qos_request() when the code dereferences cpudata before validating the policy, especially on systems booted with nosmt where all_cpu_data[cpu] may be NULL for SMT sibling...

CVE-2026-43175

A flaw was found in the Linux kernel's clk: rs9 component. An out-of-bounds write vulnerability exists due to insufficient allocation of struct clkhw slots. This can lead to corruption of struct rs9driverdata content and surrounding data, potentially causing a system crash, especially when the...

EUVD-2026-27821

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...

CVE-2026-43259

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...

CVE-2026-43259 phy: fsl-imx8mq-usb: set platform driver data

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...

CVE-2026-43259

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...