447 matches found
CVE-2026-10656
CVE-2026-10656 affects the MAX32xxx USB device controller driver (Zephyr MAX32 UDC), specifically udc_max32.c with compatible adi_max32_usbhs. The issue is a NULL-dereference in transfer-completion handlers: udc_event_xfer_out_done() uses net_buf_add(buf, ep_request->actlen) after buf = udc_bu...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Firmware: stratix10-svc – fixed an error in saving controller data. The incorrect use of platformsetdrvdata and devsetdrvdata has also been corrected. Both these functions refer to the same data, and they override each other...
twig/intl-extra: Unbounded formatter memoisation in keyed on template-controlled arguments
Description IntlExtension memoises every \IntlDateFormatter and \NumberFormatter it creates in instance-level arrays keyed on a hash that includes locale, pattern, attrs and other values that are ordinary named arguments of the formatdatetime / formatdate / formattime / formatnumber /...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mlx5: Fixed a leak in skb during fifo resync and push operations. During the ptp resync operation, SKBs were popped from the fifo, but they were never freed either by napiconsume or by devkfreeskbany. Added a call to...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: netsched: Fixed a NULL dereference in fifosetlimit. syzbot reported another NULL dereference in fifosetlimit. 1 I can reproduce the issue with the following commands: unshare -n tc qd add dev lo root handle 1:0 tbf limit 20000...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: SPI: sun6i – Fixing the race condition between DMA RX transfer completion and RX FIFO drain. Previously, the transfer-completion interrupt would immediately drain the RX FIFO to read any remaining data in the FIFO into the RX...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: The pointer used to track HVS FIFO operations was cleared after the operation was completed. Commit 9ec03d7f1ed3 “drm/vc4: kms: Wait for previous FIFO users before committing” introduced a mechanism for waiting for...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: Converted the raw to noinc versions of regmap functions for FIFO operations. The SC16IS7XX IC supports a burst mode for accessing FIFOs, where the initial register address is sent first $00$, followed by all th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: Ensure that the TX and RX FIFOs are empty at the start of a transfer. When transmitting with rxlen == 0, the RX FIFO will not be emptied in the interrupt handler. As a result, the next transfer might read dat...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mlx5: fixed the potential use-of-free situation during the use of PTP queue FIFO. FIFO indexes are not checked during pop operations, which can lead to a use-of-free issue when popping items from an empty queue. This issue was...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer The driver’s probe allocates memory for the RX FIFO port-rxfifo based on the default RX FIFO depth, such as 16. Later, during serial initialization,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the logic for disabling/enabling FIFO. Why When switching to another HDMI mode, we inevitably disable/enable the FIFO, causing both HPO and DIG registers to be set at the same time—when only HPO is supposed...
SUSE CVE-2026-43307
In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor fills the...
Linux Distros Unpatched Vulnerability : CVE-2026-43307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N samples, where N is the number of...
samsung-exploits
Samsung Exynos 4412 Kernel Exploits Device: Samsung Galax...
CVE-2026-43466
A flaw was found in the Linux kernel's mlx5e network driver. During a transmit TX error recovery process, a desynchronization occurs in the Direct Memory Access DMA First-In, First-Out FIFO buffer. This desynchronization causes the system to incorrectly unmap memory addresses, which can lead to...
CVE-2026-43307
A flaw was found in the Linux kernel's iio: accel: adxl380 driver. The driver's interrupt handler, responsible for reading data from the sensor's FIFO First-In, First-Out buffer, can miscalculate the number of entries. This error may cause the driver to attempt to read beyond the actual data...
EUVD-2026-28772
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5eresettxqsqccpc resets dmafifocc to 0 but not dmafifopc, desyncing the DMA FIFO producer and consumer. After...
EUVD-2026-28698
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix starvation of scxenable under fair-class saturation During scxenable, the READY - ENABLED task switching loop changes the calling thread's schedclass from fair to ext. Since fair has higher priority than ext,...
EUVD-2026-28577
In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor fills the...