CVE-2026-46247 clk: qcom: gfx3d: add parent to parent request map

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

CVE-2026-46108

In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...

CVE-2026-45863

i3c: dw: Fix memory leak in dwi3cmasteri2cxfers...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Do not generate an interrupt during bus reset. Now that the i2c-i801 driver supports interrupts, setting the KILL bit in an attempt to recover from a timed-out transaction triggers an interrupt. Unfortunately, the...

PT-2026-40684

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/i915/vrr component where writing to TRANS VRR VMAX or FLIPLINE before enabling TRANS DDI FUNC CTL can cause a system hang with a Machine Check Exception MCE on...

PT-2026-39090

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The usbtmc driver allows users to specify timeout values via an ioctl command, which are then used in usb bulk msg calls. Because usb bulk msg employs unkillable waits, a user could...

CVE-2026-43206

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: serial: pch: Fix PCI device refcount leak in pchrequestdma As comment of pcigetslot says, it returns a pcidevice with its refcount increased. The caller must decrement the reference count by calling pcidevput. Since 'dmadev' is...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fixed out-of-bounds accesses in RX fixup The function aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device. Specifically: - The metadata array...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The carl9170txrelease function sometimes triggers a fortified-memset warning in my randconfig builds: In file included from include/linux/string.h:254, from...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed a race condition during IPSec ESN update. In IPSec full offload mode, the device reports an ESN Extended Sequence Number wrap event to the driver. The driver validates this event by querying the IPSec ASO and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau/nvif: A potential memory leak was fixed in nvifvmmctor. When the nvifvmmtype is invalid, an error is returned directly without freeing the arguments passed to nvifvmmctor, resulting in a memory leak. This issue was...

SUSE CVE-2026-31623

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags overflow in rxcomplete A malicious USB device claiming to be a CDC Phonet modem can overflow the skbsharedinfo-frags array by sending an unbounded sequence of full-page bulk transfers. Drop the...

DEBIAN-CVE-2026-31581

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6firechipabort, the chip struct is allocated as the card's private data via sndcardnew with sizeofstruct sfirechip. When sndcardfreewhenclosed is called and no file handles are...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013493 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Set debugfsdir pointer to NULL after removing debugfs If init debugfs failed durin...

SUSE-SU-2026:21057-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

ALSA: usb-audio: Use correct version for UAC3 header validation

...

CVE-2026-23289

In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...

CVE-2026-23298

In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucanreadbulkcallback, hanging the system. If the lengt...

net: usb: rtl8150: fix memory leak on usb_submit_urb() failure

...