65 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: greybus: A use-after-free bug was fixed in gbinterfacerelease due to a race condition. In gbinterfacecreate, &intf-modeswitchcompletion is bound to gbinterfacemodeswitchwork. Then, it will be initiated by...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail out from dwc3gadgetexit if dwc-gadget is NULL. There exists a possible scenario in which dwc3gadgetinit may fail: during the switch between peripheral and host modes in dwc3setmode, and if a pending gadget...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Do not assume that a CID is owned by the CPU during mode switching. Shinichiro reported a KASAN UAF, which is actually an out-of-bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 -...
PT-2026-36389
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A state inconsistency occurs in the cdns3 USB driver when cdns3 gadget start fails. In this scenario, the Dual-Role Device DRD hardware remains in gadget mode while the software state is...
CVE-2026-26741
PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone is in the "ARMED" state after landing and before the automatic disarm triggered by the COMDISARMLAND parameter, the system lacks a thrott...
EUVD-2026-10753
PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone is in the "ARMED" state after landing and before the automatic disarm triggered by the COMDISARMLAND parameter, the system lacks a thrott...
EUVD-2026-10752
PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone is in the "ARMED" state after landing and before the automatic disarm triggered by the COMDISARMLAND parameter, the system lacks a thrott...
CVE-2026-26741
PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone is in the "ARMED" state after landing and before the automatic disarm triggered by the COMDISARMLAND parameter, the system lacks a thrott...
sched/mmcid: Don't assume CID is CPU owned on mode switch
...
SUSE CVE-2026-23225
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...
CVE-2026-23225
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...
CVE-2026-23225
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...
CVE-2026-23225
CVE-2026-23225 affects the Linux kernel MMCID mode switch logic. The issue arises when the per-other CPU CID ownership state (TRANSIT) is set but the CID is not CPU-owned, causing mm_drop_cid_on_cpu() to clear ONCPU and then touch an invalid bit, yielding an out-of-bounds access. The root cause i...
CVE-2026-23225 sched/mmcid: Don't assume CID is CPU owned on mode switch
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...
CVE-2026-23225
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...
CVE-2026-23225
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...
CVE-2026-23225 sched/mmcid: Don't assume CID is CPU owned on mode switch
In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...
PT-2026-20451
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the MMCID management code related to handling CPU ID CID transitions. Specifically, the issue arises when a task exits while in a transitional state,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988904)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988904 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenari...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986840)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986840 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail from dwc3gadgetexit if dwc-gadget is NULL There exists a possible scenari...