26 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so...
CVE-2026-53042
In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...
CVE-2026-53042
The CVE-2026-53042 issue affects the Linux kernel fwctl subsystem where class initialization ordering can trigger a NULL pointer dereference on device removal. Root cause: CXL is linked before fwctl in drivers/Makefile, leading to cxl_pci_driver_init() running before fwctl_init(). When cxl_pci_pr...
EUVD-2026-38910
In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: Fixed a NULL pointer dereferencing in hciuartwritework. The hciuartsetproto function sets HCIUARTPROTOINIT before calling hciuartregisterdev. This function calls proto-open to initialize hu-priv. However, if a...
PT-2026-51936
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fwctl component where incorrect class initialization ordering can lead to a NULL pointer dereference during device removal. Because CXL is linked before fwctl in t...
EUVD-2024-55616
Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiti...
CVE-2026-43312
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
CVE-2026-43312
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
CVE-2026-43312 media: i2c: ov5647: Initialize subdev before controls
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...
CVE-2026-43288
In the Linux kernel, the following vulnerability has been resolved: ext4: move ext4percpuparaminit before ext4mbinit When running kvm-xfstests -c ext4/1k -C 1 generic/383 with the DOUBLECHECK macro defined, the following panic is triggered:...
Linux Distros Unpatched Vulnerability : CVE-2026-31669
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless...
CVE-2026-31669
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...
CVE-2026-23146
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004875)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004875 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: fix strpinit order and cleanup strpinit is called just a few lines above this csk-skuserdata...
CVE-2025-40338
CVE-2025-40338 is a Linux kernel vulnerability in ASoC: Intel avs where sharing the component name pointer could cause use-after-free during teardown. The fix duplicates the component name to prevent lifetime issues and updates the initialization/teardown order (noting that the config may pass a ...
CVE-2025-40338 ASoC: Intel: avs: Do not share the name pointer between components
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...
Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2025-21862)
dropmonitor: incorrect initialization order. If dropmonitor is built as a kernel module, syzkaller may have time to send a netlink NETDMCMDSTART message during the module loading. This will call the netdmmonitorstart function that uses a spinlock that has not yet been initialized. This plugin onl...
EUVD-2022-55239
Malicious code in bioql PyPI...
CVE-2025-38582
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix double destruction of rsvqp rsvqp may be double destroyed in error flow, first in freemrinit, and then in hnsroceexit. Fix it by moving the freemrinit call into hnsrocev2init. listdel corruption, ffff589732eb9b50-ne...