126 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only add the LED to ledslist when it is fully ready. Before this change, the LED was added to ledslist before the ledinitcore function was called—that is, before ledclassdev.setbrightnesswork was initialized. Thi...
EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2026-2371)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is...
EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2293)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...
SUSE CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2026-46286
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
EUVD-2026-35151
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2026-46286
CVE-2026-46286 describes a Linux kernel issue in leds: qcom-lpg, where selecting high-resolution values from a 5-entry array uses FIELD_GET() to pull from a 3-bit register, risking out-of-bounds reads. The referenced fix adds a bounds check before indexing, preventing overflow and potential incor...
CVE-2026-46286 leds: qcom-lpg: Check for array overflow when selecting the high resolution
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
CVE-2026-46286 leds: qcom-lpg: Check for array overflow when selecting the high resolution
In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...
PT-2026-47358
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An array overflow occurs in the qcom-lpg LED driver. The FIELD GET function retrieves a value from a 3-bit register to index an array; however, the array contains only 5 elements. This...
EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2026-2102)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : netfilter: ctnetlink: remove refcounting in expectation dumpersCVE-2025-39764 nvme: nvme-fc: Ensure -ioerrwork is cancelled in...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: leds: Trigger: Unregisters sysfs attributes before calling deactivate. Triggers that have trigger-specific sysfs attributes typically store related data in trigger-data allocated by the activate callback and freed by the deactiva...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4404: Fixed out-of-bounds reading in afe4404read|writeraw. KASAN reports an out-of-bounds read as follows: BUG: KASAN: Global out-of-bounds access in afe4404readraw+0x2ce/0x380. A size 4 byte read was performed at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fixed OF node reference count leakage. Automated reviews identified a leakage of the OF node reference count when checking whether the ‘leds’ child node exists. The Call ofputnode function is used to correct...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013707)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013707 advisory. In the Linux kernel, the following vulnerability has been resolved: leds: led-core: Fix refcount leak in ofledget classfinddevicebyofnode calls classfinddevice, it...
SUSE CVE-2026-23081
In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call ofputnode to correctly maintain the refcount...
SUSE CVE-2026-23101
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to ledslist when it is fully ready Before this change the LED was added to ledslist before ledinitcore gets called adding it the list before ledclassdev.setbrightnesswork gets initialized. This leave...
CVE-2026-23101
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to ledslist when it is fully ready Before this change the LED was added to ledslist before ledinitcore gets called adding it the list before ledclassdev.setbrightnesswork gets initialized. This leave...
CVE-2026-23081
In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call ofputnode to correctly maintain the refcount...