CVE-2026-31487 spi: use generic driver_override infrastructure

In the Linux kernel, the following vulnerability has been resolved: spi: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...

CVE-2026-31487

The CVE concerns the Linux kernel SPI subsystem. A flaw arises when a driver is probed via __driver_attach(): the bus match() callback is invoked without holding the device lock, allowing access to the driver_override field without proper synchronization, creating a use-after-free (UAF) risk. The...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the cyclic locking dependency between reqlock and the work queue in nciclosedevice, potentially...

PT-2026-34392

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the SPI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...

PT-2026-34414

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A circular locking dependency exists in the NFC NCI component. The nci close device function flushes rx wq and tx wq while holding the req lock mutex. This creates a conflict because nci...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper locking sequence in the l2capconndel function, potentially leading to a deadlock...

PT-2026-34432

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the driver core platform. This occurs when a driver is probed through the driver attach function, causing the bus match callback to be called without...

Linux Distros Unpatched Vulnerability : CVE-2026-31527

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the...

Linux Distros Unpatched Vulnerability : CVE-2026-31509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfc: nci: fix circular locking dependency in nciclosedevice nciclosedevice flushes rxwq and txwq while holding reqlock. This causes a circular locking dependenc...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013762)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013762 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: hisisas: Grab sasdev lock when traversing the members of sasdev.list When freeing slots in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013098)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013098 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007035)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007035 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and resu...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013169)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013169 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011382)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011382 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013348 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstatechange rfcommskstatechange attempts to u...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012974)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012974 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Lock external INTx masking ops Mask operations through config space changes to DisINTx...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013004)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013004 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcmonreinitself. syzbot reported use-after-free of...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-013109)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013109 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via...

OESA-2026-1950 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix extent map use-after-free when handling missing device in readonechunk Store the error code before freeing the extentmap. Though it's reference counte...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007630)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007630 advisory. In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an...