Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several situations in which the kernel can crash when requests are made to unbind the GPIO device and then system calls related to the GPIO character device’s anonymous file...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: gpio: aggregator: Protect driver attr handlers against module unload Both newdevicestore and deletedevicestore access module global resources e.g., gpioaggregatorlock. To prevent race conditions during module unloading, a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Power: Supply: gpio-charger: Fixed the issue related to setting charge current limits. The issue involved devices that allow the lowest charge current limit to be greater than zero. If the requested charge current limit is below...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: wpcm450: fix an out-of-bounds write issue. The write operation to ‘pctrl-gpiobank’ occurs before the check for the validity of the GPIO index, which may lead to an out-of-bounds write. This issue was detected by...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: gpio: Restrict the use of GPIO chip IRQ members before initialization. The IRQ members of the GPIO chip are exposed before they can be fully initialized, which leads to race conditions. One such issue was observed with the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Regulator: bq257xx: A leak in the device node reference occurred in bq257xxregdtparsegpio. In bq257xxregdtparsegpio, if the subchild is not successfully retrieved, the function returns without calling nodeputchild, resulting in a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpio: wcd934x – Fixed the out-of-bounds shift error The bit mask for pins 0 to 4 is BIT0 to BIT4, but we actually ended up with BITn – 1, which is incorrect. This issue was detected by the UBSAN check. UBSAN: Out-of-bounds shi...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fixed the issue of potential out-of-bound writing. If the caller wrote more characters, the count is truncated to the maximum available space in “simplewritetobuffer”. Ensure that the input size does not exceed th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a memory leak in uvcgpioparse Previously, the unit buffer was allocated before checking the IRQ for privacy-related GPIO signals. If an error occurred, the unit buffer could be leaked. The issue is now...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rt4801: Fixed a NULL pointer dereferencing issue when priv-enablegpios is NULL. devmgpiodgetarrayoptional may return NULL if no GPIO was assigned...

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: rcar: Use rawspinlock to protect register access The rawspinlock is used to fix spurious messages about invalid context when spinlock debugging is enabled. The lock is only used to serialize register access. 4.239592...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: npcm8xx: Added a NULL check in npcm8xxgpiofw. Calls to devmkasprintf may return null pointers in case of failure. However, the return values were not checked in npcm8xxgpiofw. Therefore, a NULL check should be...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: sifive: Fix the refcount leak in sifivegpioprobe. The function ofirqfindparent returns a node pointer with the refcount incremented. We should use ofnodeput on it when it is no longer needed. Add ofnodeput to avoid the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs. The value of pdata-gpiounbanked is retrieved from the Device Tree. If the Device Tree is corrupted due to any error, this value can be arbitrary. Without this value validation,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fixed a NULL pointer dereferencing issue when removing debugfs. We now remove the debugfs entries of the device when unbinding the driver. This now causes a NULL-pointer dereferencing issue at the end of the module,...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: fixed a global-out-of-bounds issue When the eint virtual eint number is greater than the gpio number, it may cause a ‘desceintn’ size global-out-of-bounds issue...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: gpio: amd8111: Fixed the issue with the reference count leak of PCI devices The function foreachpcidev is implemented through pcigetdevice. The comment accompanying pcigetdevice states that it will increase the reference count...

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-8098-8)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8098-8 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...

SUSE CVE-2026-46258

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...

CVE-2026-46258

A flaw was found in the Linux kernel's gpio: cdev module. A NULL pointer dereference in the linehandlecreate function can occur, leading to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service DoS...