143 matches found
SUSE CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
UBUNTU-CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2025-71315
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...
CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2026-46286
CVE-2026-46286 affects the Linux kernel’s leds: qcom-lpg driver. Root cause: selecting high-resolution values uses FIELD_GET() from a 3-bit register while indexing into an array that has only 5 values, risking out-of-bounds access. The description states this was resolved by adding a proper bound...
EUVD-2025-210081
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...
CVE-2025-71315 drm/vkms: Convert to DRM's vblank timer
In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...
PT-2026-47358
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An array overflow occurs in the qcom-lpg LED driver. The FIELD GET function retrieves a value from a 3-bit register to index an array; however, the array contains only 5 elements. This...
Linux Distros Unpatched Vulnerability : CVE-2026-46286
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the drm/vkms module’s conversion of the vblank timer into DRM. This conversion removes the...
SUSE CVE-2026-43293
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...
CVE-2026-43293
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...
CVE-2026-43293 media: chips-media: wave5: Fix kthread worker destruction in polling mode
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...
PT-2026-38935
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the wave5 driver when operating in polling mode. The driver uses an hrtimer to periodically trigger the wave5 vpu timer callback function, which queues work vi...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fixed the handling of late beacon hrtimer events. Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglx that our current handling of the hrtimer is incorrect. If the timer fires late—for example, due t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks attempting to cancel each other can also occur through bpfmapupdateelem. More precisely, freeing elements containing...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt, all online CPUs will be notified and set to offline. However, as highlighted in the commit 19dbdcb8039c “smp: Warn on functio...
CVE-2026-23245
In the Linux kernel, the following vulnerability has been resolved: net/sched: actgate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list. Convert the parameters to an RCU-protected snapshot and swap update...
CVE-2026-23014 perf: Ensure swevent hrtimer is properly destroyed
In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...