CVE-2026-53115

A flaw was found in the Linux kernel's fsl-mc bus driver. During the driver probing process, a Use-After-Free UAF vulnerability can occur because the match callback accesses the driveroverride field without proper locking. This can lead to system instability or potentially allow an attacker to...

EUVD-2026-38983

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which ca...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bus: fsl-mc: Do not assume that child devices are all fsl-mc devices Changes in VFIO caused a pseudo-device to be created as a child of fsl-mc devices, resulting in a crash when attempting to bind a fsl-mc device to VFIO. This...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Blocking calls to interrupt handlers without triggering them The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL, and it may become NULL if the user sets the trigger parameter of eventfd to -1...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix double-free on mcdev The committed code attempted to simplify the process of deallocations, but this led to a double-free on the mcdev variable. If the MC device is a DPRC, a new mcbus is allocated, and the mcdev...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: Fixed the KASAN use-after-free in fslmcbusremove. In fslmcbusRemove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev has already been freed in fslmcDeviceRemove. Therefore, referencing...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013753)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013753 advisory. In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: Check return value of platformgetresource platformgetresource returns NULL in case o...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013086)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013086 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006821)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006821 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006630 advisory. In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fslmcbusremove In fslmcbusremove, mc-rootmcbusdev-mc...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1489)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1489 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlbpmdshared CVE-2026-23100 In the Linux kernel, the following vulnerability has been resolved: bus:...

SUSE CVE-2026-23221

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driveroverrideshow The driveroverrideshow function reads the driveroverride string without holding the devicelock. However, driveroverridestore uses driversetoverride, which modifies and frees t...

CVE-2026-23221

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driveroverrideshow The driveroverrideshow function reads the driveroverride string without holding the devicelock. However, driveroverridestore uses driversetoverride, which modifies and frees t...

CVE-2026-23221

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driveroverrideshow The driveroverrideshow function reads the driveroverride string without holding the devicelock. However, driveroverridestore uses driversetoverride, which modifies and frees t...

CVE-2026-23221

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driveroverrideshow The driveroverrideshow function reads the driveroverride string without holding the devicelock. However, driveroverridestore uses driversetoverride, which modifies and frees t...

CVE-2026-23221 bus: fsl-mc: fix use-after-free in driver_override_show()

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driveroverrideshow The driveroverrideshow function reads the driveroverride string without holding the devicelock. However, driveroverridestore uses driversetoverride, which modifies and frees t...

Linux Distros Unpatched Vulnerability : CVE-2026-23221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bus: fsl-mc: fix use-after-free in driveroverrideshow The driveroverrideshow function reads the driveroverride string without holding the devicelock. However,...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: Check the return value of platformgetresource. platformgetresource returns NULL in case of failure. Therefore, check its return value and propagate the error to prevent NULL pointer dereferencing...

PT-2026-20447

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The driver override show function in the Linux kernel can experience a use-after-free condition. This occurs because the function reads the driver override string without acquiring the...

SUSE CVE-2025-40029

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: Check return value of platformgetresource platformgetresource returns NULL in case of failure, so check its return value and propagate the error in order to prevent NULL pointer dereference...