356 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: gpio: aggregator: Protect driver attr handlers against module unload Both newdevicestore and deletedevicestore interact with module global resources e.g., gpioaggregatorlock. To prevent race conditions during module unloading,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: Fixed null-ptr-deref in socklockinitclassandname and rmmod. When I ran the reproduction steps and waited for a few seconds, I observed two LOCKDEP errors: a warning followed immediately by a null-ptr-deref. Reproduction Step...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fixed the destruction of kthread workers in polling mode. The cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreadDestroyWorker before...
Astra Linux - уязвимость в grub2
A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory use-after-free issue, occurs because the normalexit command is not properly unregistered when its related module is unloaded. An attacker can exploit this condition by invoking the command after...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021595 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ipset.ko...
SUSE CVE-2026-43293
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...
SUSE CVE-2026-43301
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix PM runtime usage count underflow Replace pmruntimeputsync with pmruntimedontuseautosuspend in the remove path to properly pair with pmruntimeuseautosuspend from probe. This allows pmruntimedisable t...
CVE-2026-43293
A flaw was found in the Linux kernel's wave5 media driver. During the removal of the wave5 module in polling mode, a timing issue, known as a race condition, can occur. This happens because the process that destroys the worker is initiated before the timer that queues work is fully canceled. This...
CVE-2026-43293
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...
UBUNTU-CVE-2026-43293
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...
CVE-2026-43293 media: chips-media: wave5: Fix kthread worker destruction in polling mode
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode irq worklist and WARNON!listempty&worker-delayedworklist. The original code called kthreaddestroyworker before...
PT-2026-38935
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the wave5 driver when operating in polling mode. The driver uses an hrtimer to periodically trigger the wave5 vpu timer callback function, which queues work vi...
PT-2026-38943
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A PM runtime usage count underflow exists in the wave5 driver. The driver unconditionally calls the pm runtime put sync function during the remove path, which may conflict with the pm...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: fixed a double-free issue during the unloading of the amdgpu module Flexible endpoints use DIGs from available inflexible endpoints; therefore, only the encoders of inflexible links need to be freed. Otherwise...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcubarrier in ksmbdserverexit racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcubarrier is not called at module unload time, so nothing prevents ksmbd from getting unloaded...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042platformdevice pointer in i8042probe or i8042remove, so that the device can be properly destroyed by i8042exit on module unload...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Call isoexit on module unload If isoinit has been called, isoexit must be called on module unload. Without that, the struct proto that isoinit registered with protoregister becomes invalid, which could cause...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed the transport TOCTOU issue. The transport assignment may race with module unloading. This issue is addressed by protecting newtransport from becoming a stale pointer. This also includes fixing an insecure call in...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/meson: Explicitly remove the aggregate driver at module unload time. Since componentmasterdel was not called when unloading the mesondrm module, the aggregate device would remain in the global aggregatedevices list...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: proc: Fixed a UAF in procget inode. Fixed a race condition between rmmod and the instantiation of /proc/XXX’s inode. The bug is that pde-procops does not belong to /proc; instead, it belongs to a module. Therefore, dereferenci...