271 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: The driver data must be set before it is used. If vmclockptpregister fails during probing, vmclockremove is called to clean up the ptp clock and misc devices. This function uses devgetdrvdata to access the vmclock...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present in the phydriver structure and there is no .driverdata, a NULL pointer dereferencing occurs. By inserting NULL checks for priv-type, ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi struct. Therefore, this structure must be...
CVE-2026-45996
In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...
CVE-2026-45996 spi: imx: fix use-after-free on unbind
In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...
CVE-2026-45996
The CVE-2026-45996 entry concerns a use-after-free in the Linux kernel SPI IMX driver (on unbind/deregistration). The root cause is that upon deregistering the SPI controller, driver data may be freed while still referenced, requiring an extra reference before deregistration to ensure data remain...
CVE-2026-45956 drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv-vididev for ctx lookup in vidiconnectionioctl vidiconnectionioctl retrieves the driverdata from drmdev-dev to obtain a struct vidicontext pointer. However, drmdev-dev is the exynos-drm master device, an...
CVE-2026-45956
The CVE-2026-45956 entry concerns the Linux kernel DRM Exynos driver (vidi) where vidi_connection_ioctl() incorrectly reads driver_data from drm_dev->dev, which points to the exynos-drm master device rather than the vidi component device. This mismatch can trigger null pointer dereferences, ga...
PT-2026-43781
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ibmpex driver. The issue occurs because driver data is set to NULL before sensor attributes are removed. The function ibmpex show sensor retrieves this...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of driverdata from drmdev in the exynos-drm driver. This improper use can lead to null...
PT-2026-43863
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the SPI subsystem of the Linux kernel. The subsystem frees the controller and any allocated driver data during deregistration, unless the allocation is...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btmtksdio: Fixed a kernel oops in btmtksdiointerrupt. Fixed the following kernel oops in btmtksdiointerrrupt: 14.339134 btmtksdiointerrupt+0x28/0x54 14.339139 processsdiopendingirqs+0x68/0x1a0 14.339144...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption. Usually, there is only one llcc device. But if there were a second one, even a failed probe call would modify the global drvdata pointer. Therefore, check whether...
SUSE CVE-2026-43259
In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...
CVE-2026-43401 cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
CVE-2026-43401
The CVE-2026-43401 issue affects the Linux kernel's intel_pstate component. A NULL pointer dereference can occur in update_cpu_qos_request() when the code dereferences cpudata before validating the policy, especially on systems booted with nosmt where all_cpu_data[cpu] may be NULL for SMT sibling...
CVE-2026-43175
A flaw was found in the Linux kernel's clk: rs9 component. An out-of-bounds write vulnerability exists due to insufficient allocation of struct clkhw slots. This can lead to corruption of struct rs9driverdata content and surrounding data, potentially causing a system crash, especially when the...
EUVD-2026-27821
In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...
CVE-2026-43259
In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...
CVE-2026-43259
In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...