SUSE CVE-2026-45866

In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...

EUVD-2026-32332

In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...

CVE-2026-45866

In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...

CVE-2026-45866

The CVE-2026-45866 issue is a use-after-free in caif_serial within the Linux kernel where handle_tx() may access ser->tty after the tty is freed due to tty_kref_put() occurring in ldisc_close() while the network device is still active. The race between ldisc_close() and packet transmission can...

CVE-2026-45866

In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...

CVE-2026-45866 serial: caif: fix use-after-free in caif_serial ldisc_close()

In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...

CVE-2026-45866

serial: caif: fix use-after-free in caifserial ldiscclose...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tty: ttybuffer: Fixed the soft lockup issue in flushtoldisc. When running the ltp testcase ltp/testcases/kernel/pty/pty04.c with arm64, there is a soft lockup. The detailed call trace is as follows: Workqueue: eventsunbound →...

CVE-2026-43458

In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab-use-after-free in ptywriteroom when caifserial's TX path calls ttywriteroom. The faulting access is on tty-link-port. Hold an...

CVE-2026-43458 serial: caif: hold tty->link reference in ldisc_open and ser_release

In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab-use-after-free in ptywriteroom when caifserial's TX path calls ttywriteroom. The faulting access is on tty-link-port. Hold an...

CVE-2026-43458

The CVE affects the Linux kernel’s caif_serial line discipline. A use-after-free (KASAN slab UAF) could be triggered in pty_write_room() when the caif_serial TX path invokes tty_write_room(), accessing tty->link->port. Root cause: improper management of the tty->link reference during ldi...

PT-2026-39119

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab-use-after-free issue exists in the Linux kernel's caif serial line discipline. The problem occurs when the TX path calls tty write room, leading to a faulting access on...

MiracleLinux 8 : kernel-4.18.0-240.el8 (AXSA:2021-1489:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1489:04 advisory. kernel: use after free in the video driver leads to local privilege escalation CVE-2019-9458 kernel: use-after-free in drivers/bluetooth/hcildisc.c...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989811)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989811 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: ttybuffer: Fix the softlockup issue in flushtoldisc When running ltp...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986924)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986924 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: ttybuffer: Fix the softlockup issue in flushtoldisc When running ltp...

CVE-2022-50374 Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer dereference at hciuartttyclose 1, for rcusyncenter is called without rcusyncinit due to hciuartttyopen ignoring percpuinitrwsem failure...

kernel: tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc

In the Linux kernel, the following vulnerability has been resolved: tty: ttybuffer: Fix the softlockup issue in flushtoldisc When running ltp testcaseltp/testcases/kernel/pty/pty04.c with arm64, there is a soft lockup, which look like this one: Workqueue: eventsunbound flushtoldisc Call trace:...

SUSE CVE-2022-50116

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

AZL-70409 CVE-2022-50116 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

kernel: tty: add the option to have a tty reject a new ldisc

A vulnerability was found in the Linux kernel's TTY subsystem, where the option to reject a new ldisc was improperly implemented, which can lead to a situation where the conwrite routine is called while holding a spinlock, potentially causing a sleep operation in an invalid context...