CVE-2025-71285

Summary of the CVE-2025-71285 cluster: The Linux kernel’s net/qrtr MHI auto_queue feature for IPCR DL channels is being removed. The race occurs when the MHI stack can call the DL path callback before the QRTR client driver is fully initialized, risking NULL pointer dereferences. The fix disables...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pcigeneric: Remove the WQMEMRECLAIM flag from the state workqueue. A recent change created a dedicated workqueue for the state-change work, with WQHIGHPRI and WQMEMRECLAIM flags. However, the state-change work...

UBUNTU-CVE-2024-56689

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: epf-mhi: Avoid NULL dereference if DT lacks 'mmio' If platformgetresourcebyname fails and returns NULL because DT lacks an 'mmio' property for the MHI endpoint, dereferencing res-start will cause a NULL pointer...

PT-2024-11290 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, where the MHI Mobile Host Interface core does not properly validate channel IDs when processing command completions. This could lead to out-of-boun...