1549 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: Unregistering the i2c device after unregistering the CEC adapter. The cecunregisteradapter function assumes that the underlying CEC adapter is callable. For example, if the CEC adapter currently has a valid...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix the issue where the adapter is not removed in piix4remove. In piix4probe, the piix4 adapter will be registered using piix4probe. This involves calling piix4addadapterssb800 or piix4addadapter. Both functions are...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fixed nullptrderef in az6007i2cxfer In az6007i2cxfer, msg is controlled by the user. When msgi.buf is null and msgi.len is zero, previous checks on msgi.buf will still be performed. Malicious data will eventually...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Power: Supply: bq27xxx-i2c: Do not free non-existent IRQs. The bq27xxx i2c-client may not have an IRQ; in such cases, client-irq will be 0. The bq27xxxbatteryi2cprobe function already includes a check for client-irq, which wraps...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: designware: Fixed handling of real but unexpected device interrupts. The commit c7b79a752871 “mfd: intel-lpss: Added Intel Alder Lake PCH-S PCI IDs” caused a regression on certain Gigabyte motherboards for Intel Alder Lake-S...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: Initialize the acpigpioinfo struct Since commit 7c010d463372 “gpiolib: acpi: Ensure that the acpigpioinfo struct is initialized”, uninitialized acpigpioinfo structures are passed to acpifindgpio, and later, the...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Input: adp5589-keys – fixed the NULL pointer dereferencing issue. We have registered a devm action to call adp5589clearconfig, and then passed the i2c client as an argument. This allows us to call i2cgetclientdata in order to...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fixed a reference leak when pmruntimegetsync fails. The PM reference count is not expected to be incremented upon a return in lpi2cimxmasterenable. However, pmruntimegetsync will still increment the PM reference...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021632)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021632 advisory. In the Linux kernel, the following vulnerability has been resolved: media: i2c: et8ek8: Don't strip remove function when driver is builtin Using exit for the remove...
Linux Distros Unpatched Vulnerability : CVE-2026-43312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe,...
SUSE CVE-2026-43476
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30i2c: fix buffer size in sps30i2creadmeas sizeofnum evaluates to sizeofsizet 8 bytes on 64-bit instead of the intended be32 element size 4 bytes. Use sizeofmeas to correctly match the buffer element type...
Linux Distros Unpatched Vulnerability : CVE-2026-43476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: chemical: sps30i2c: fix buffer size in sps30i2creadmeas sizeofnum evaluates to sizeofsizet 8 bytes on 64-bit instead of the intended be32 element size 4...
EUVD-2026-30012
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30i2c: fix buffer size in sps30i2creadmeas sizeofnum evaluates to sizeofsizet 8 bytes on 64-bit instead of the intended be32 element size 4 bytes. Use sizeofmeas to correctly match the buffer element type...
UBUNTU-CVE-2026-43476
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30i2c: fix buffer size in sps30i2creadmeas sizeofnum evaluates to sizeofsizet 8 bytes on 64-bit instead of the intended be32 element size 4 bytes. Use sizeofmeas to correctly match the buffer element type...
CVE-2026-43476
CVE-2026-43476 affects the Linux kernel’s IIO sensor driver for SPS30 (iio: chemical: sps30_i2c). The root cause is a faulty buffer size calculation in sps30_i2c_read_meas() where sizeof(num) yields sizeof(size_t) (8 bytes on 64-bit) instead of the intended 4-byte __be32 element size; the fix use...
SUSE CVE-2026-43312
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
PT-2026-40683
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sps30 i2c read meas function within the iio: chemical: sps30 i2c component. The sizeofnum expression incorrectly evaluates to the size of size t 8 bytes on 64-bit...
SUSE CVE-2026-43380
In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/q54sj108a2 fix stack overflow in debugfs read The q54sj108a2debugfsread function suffers from a stack buffer overflow due to incorrect arguments passed to bin2hex. The function currently passes 'data' as the...
USN-8200-3: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - GPU drivers; - I2C subsystem; - Network traffic control; CVE-2022-49046,...
CVE-2026-43457
In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...