Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Remove the “MHI autoqueue” feature for IPCR DL channels. The MHI stack provides the “autoqueue” feature, which allows the MHI stack to automatically queue buffers for the RX path DL channels. Although this feature...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: wwan: mhi: A memory leak has been fixed in the mhimbimdellink function. The MHI driver registers the network device without setting the needsfreenetdev flag. Additionally, it does not call freenetdev when unregistering the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: mhi: Fixed a memory leak in mhinetdellink. The MHI driver registers the network device without setting the needsfreenetdev flag. It also does not call freenetdev when unregistering the network device, resulting in a memory...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host – Added an alignment check for the event ring read pointer. Although we check the event ring read pointer using “isvalidringptr” to ensure it is within the buffer range, there is another risk that the pointer might...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bus: MHI: Host – Drop the channel lock before queuing buffers. Ensure that read and write locks for the channel are not acquired consecutively by dropping the read lock from parsexferevent. This allows a callback provided to the...

EUVD-2025-209675

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Drop the MHI autoqueue feature for IPCR DL channels MHI stack offers the 'autoqueue' feature, which allows the MHI stack to auto queue the buffers for the RX path DL channel. Though this feature simplifies the client...

CVE-2025-71285

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Drop the MHI autoqueue feature for IPCR DL channels MHI stack offers the 'autoqueue' feature, which allows the MHI stack to auto queue the buffers for the RX path DL channel. Though this feature simplifies the client...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the MHI autoqueue function within the qtrr module on the IPCR DL channel. Thi...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin is missing, ath11k will crash during the ‘rmmod ath11kpci’ command. The reason for this is that we were using mhipowerup, which does not check for any errors. However, mhisyncpowerup do...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: pcigeneric: Use pcitryresetfunction to avoid deadlock. There are multiple places where the recovery work is scheduled asynchronously. Additionally, there are multiple places where the caller waits synchronously fo...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - bus: mhi: core: Fixed an invalid error that was returned in mhiqueue. - mhiqueue returns an error when the doorbell is not accessible in the current state. This can occur when the device is in a non-M0 state, such as M3, and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if the client driver is available. For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if the client driver is available. Otherwise, it will result in a null...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buflen field of ath11kmhiconfigqca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenari...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: The read pointer is updated only after the buffer has been written. Within mhiepringaddelement, the read pointer rdoffset is updated before the buffer is written. This may lead to race conditions, where the host see...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Detect events pointing to unexpected TREs When a remote device sends a completion event to the host, it contains a pointer to the consumed TRE. The host uses this pointer to process all of the TREs between itself...

CLSA-2026-1771239384 kernel: Fix of 75 CVEs

net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 - NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 - scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow CVE-2023-53676 - KVM: x86: use arrayindexnospec with indices that come from...

CLSA-2026-1771081379 kernel: Fix of 76 CVEs

HID: core: ensure the allocated report buffer can contain the reserved report ID CVE-2025-38495 - fs/proc: fix uaf in procreaddirde CVE-2025-40271 - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer CVE-2025-40269 - Bluetooth: ISO: Fix possible UAF on isoconnfree CVE-2025-40141 -...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38429)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38429 advisory. - In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Update read pointer only...

ROS-20260120-73-0007

A vulnerability in the mhi component of the Linux operating system kernel is related to insufficient blocking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2023-54249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if...