Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fixed kernel panic during warm reset. During warm reset, device-fwclient is set to NULL. If a bus driver is registered after this NULL setting and before new firmware clients are enumerated by ISHTP, a kernel...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fixed a UAF issue after unbinding the driver. After unbinding the driver, another kthread named crosecconsolelogwork still accesses the device, resulting in a UAF and system crash. The driver does no...

SUSE CVE-2026-45877

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients During a warm reset flow, the cl-device pointer may be NULL if the reset occurs while clients are still being enumerated. Accessing cl-device-referencecount witho...

CVE-2026-45877

CVE-2026-45877 concerns the Linux kernel HID driver for Intel ISH. The issue is a NULL-pointer dereference in ishtp_bus_remove_all_clients during a warm reset when cl->device may be NULL while clients are enumerated, leading to a kernel panic. Multiple sources (NVD, Red Hat, SUSE, Debian/OSV, ...

CVE-2026-45877

HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ishtpbusremoveallclients function in the intel-ish-hid driver. This function does not perform a nul...

PT-2026-43744

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the ishtp bus remove all clients function during a warm reset flow. If a reset happens while clients are still being enumerated, the cl-device pointe...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: ipc: Fixed a potential use-after-free issue in the work function. When a reset notify IPC message is received, the ISR schedules a work function and passes the ISHTP device to it via a global pointer called...

ROS-20260120-7339

A vulnerability in the ishtphidremove function of the Linux operating system kernel is related to a memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-68804

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...

CVE-2025-68804

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...

UBUNTU-CVE-2025-68804

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...

CVE-2025-68804

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...

CVE-2025-68804 platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...

CVE-2025-68804

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...

PT-2026-2536

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel related to the Chrome EC ISHTP driver. After the driver is unbound, a kernel thread, cros ec console log work, continues to access the...

Linux Distros Unpatched Vulnerability : CVE-2025-68804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device,...

MiracleLinux 9 : kernel-5.14.0-570.32.1.el9_6 (AXSA:2025-10781:59)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10781:59 advisory. kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kerne...

Oracle Linux 7 : kernel (ELSA-2025-21063)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21063 advisory. - HID: core: fix shift-out-of-bounds in hidreportrawevent CVE-2022-48978 Orabug: 38644370 - crypto: seqiv - Handle EBUSY correctly CVE-2023-53373...

AlmaLinux 10 : kernel (ALSA-2025:12662)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:12662 advisory. kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kernel: HI...