CVE-2026-46073

A flaw was found in the Linux kernel's hwmon subsystem, specifically within the powerz driver. When a signal interrupt occurs during the waitforcompletioninterruptibletimeout function, the system fails to properly abort the USB Request Block URB. This oversight can lead to the kernel attempting t...

CVE-2026-45914

In the Linux kernel, the following vulnerability has been resolved: Revert "hwmon: ibmpex fix use-after-free in high/low store" This reverts commit 6946c726c3f4c36f0f049e6f97e88c510b15f65d. Jean Delvare points out that the patch does not completely fix the reported problem, that it in fact...

CVE-2026-46007

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used for DMA, that is problematic. Use the high-level DMA...

PT-2026-43940

Content removed...

CVE-2026-46073

hwmon: powerz Fix missing usbkillurb on signal interrupt...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the undo patch applied to the ibmpex hardware monitoring driver. This vulnerability may le...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: hwmon: coretemp Check for null before removing sysfsattrs. If coretempaddcore encounters an error, pdata-coredataindx is already NULL and has been freed. Do not pass this value to sysfsremovegroup, as it will cause a crash in...

CVE-2026-43380

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 fix stack overflow in debugfs read The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex. The function currently passes 'data' as the...

EUVD-2026-27724

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct7363 Fix a resource leak in nct7363presentpwmfanin When calling ofparsephandlewithargs, the caller is responsible to call ofnodeput to release the reference of device node. In nct7363presentpwmfanin, it does not release...

CVE-2026-43165

CVE-2026-43165 corresponds to a Linux kernel hwmon issue in the nct7363 driver where of_parse_phandle_with_args() references were not released with of_node_put(), causing a resource leak in nct7363_present_pwm_fanin. The connected OSV entries indicate patches in rootio-linux for various Ubuntu/De...

CVE-2026-43165

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct7363 Fix a resource leak in nct7363presentpwmfanin When calling ofparsephandlewithargs, the caller is responsible to call ofnodeput to release the reference of device node. In nct7363presentpwmfanin, it does not release...

CVE-2026-43165

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct7363 Fix a resource leak in nct7363presentpwmfanin When calling ofparsephandlewithargs, the caller is responsible to call ofnodeput to release the reference of device node. In nct7363presentpwmfanin, it does not release...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Fixed NULL pointer dereferencing by removing unnecessary structure fields. If the driver reads a value that is sufficient for the condition: val & 0x08 && !val & 0x80 && val & 0x7 == val 4 & 0x7 then NULL pointer...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: hwmon: axi-fan-control Fixed a possible NULL pointer dereferencing issue. axifancontrolirqhandler, which depends on the private axifancontroldata structure, might be called before the hwmon device is registered. This could lead t...

CVE-2026-31770

In the Linux kernel, the following vulnerability has been resolved: hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have been collected yet e.g. during early boot when the sensor block is...

CVE-2026-43005

In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fix array access with zero-length block read i2csmbusreadblockdata can return 0, indicating a zero-length read. When this happens, tps53679identifychip accesses bufret - 1 which is buf-1, reading one byte before t...

CVE-2026-31770 hwmon: (occ) Fix division by zero in occ_show_power_1()

In the Linux kernel, the following vulnerability has been resolved: hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have been collected yet e.g. during early boot when the sensor block is...

PT-2026-36405

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A divide-by-zero flaw exists in the occ show power 1 function. In case 1 of this function, the accumulator is divided by the update tag variable without verifying if it is zero. If no...

Ubuntu Pro Realtime 24.04 LTS : Linux kernel (Raspberry Pi Real-time) vulnerabilities (USN-8204-1)

"The remote Ubuntu Pro Realtime 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8204-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly...

CVE-2026-31486

The CVE-2026-31486 entry concerns the Linux kernel hwmon/pmbus/core regulator operations (get_voltage, set_voltage, list_voltage) not being mutex-protected, risking race conditions when accessing PMBus registers and shared data. The fix reworks pmbus_regulator_notify() to perform notifications vi...