SUSE CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

EUVD-2026-32761

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

CVE-2026-46134

Summary: CVE-2026-46134 affects the Linux kernel, specifically the Thunderbolt path under platform/chrome for CrosEC Type-C. The root cause was that in cros_typec_register_thunderbolt(), the adata->lock mutex was not initialized, which can lead to a NULL dereference when the mutex is later acq...

CVE-2026-46134 platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

PT-2026-44257

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A NULL dereference occurs in the Linux kernel when the cros typec register thunderbolt function fails to initialize the adata-lock mutex. This issue manifests when the uninitialized mutex i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex The mutex of the struct applesmc is initialized in the applesmcprobe function. Surprisingly, using the uninitialized mutex only resulted in occasional NULL pointer dereferences in calls to applesmcre...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a NULL pointer issue in freemrinit. A lock grab occurs in a concurrent scenario, resulting in dereferencing a NULL pointer. This issue should be addressed by using initmutexinit before attempting to lock...

EUVD-2026-27723

In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...

CVE-2026-43160

In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...

CVE-2026-43160 mfd: macsmc: Initialize mutex

In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...

CVE-2026-43160

The vulnerability CVE-2026-43160 concerns the Linux kernel’s mfd: macsmc driver, where a mutex in struct apple_smc was not initialized in apple_smc_probe(). An uninitialized mutex can lead to occasional NULL pointer dereferences in apple_smc_read() invoked by probe() paths of subdevices. A patch ...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported that mxl111sfctrlmsg uses an uninitialized mutex. The issue was in the incorrect location of the mutexinit call. Previously, the mutexinit&state-msglock call was made...

kernel: net/mlx5: fs, fix UAF in flow counter release

A use-after-free flaw was discovered in the Linux kernel’s mlx5 Net/MLX5 subsystem: within the function mlx5cmdhwsdeletefte the HWS action reference count and mutex for a local flow counter were not initialized, meaning the flow-counter structure could already be freed while deleting the rule. Th...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989012)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989012 advisory. In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported, that mxl111sfctrlmsg uses uninitializ...

EUVD-2025-34593

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

UBUNTU-CVE-2025-39979

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

CVE-2025-39979 net/mlx5: fs, fix UAF in flow counter release

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...

CVE-2025-39979

CVE-2025-39979 affects the Linux kernel component involving net/mlx5 fs flow actions. The issue arises in releasing a local flow counter (mlx5_cmd_hws_delete_fte) where the HWS action refcount and mutex were not initialized, allowing a potential use-after-free of the counter struct when deleting ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986829)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986829 advisory. In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported, that mxl111sfctrlmsg uses uninitializ...