57 matches found
SUSE CVE-2026-46134
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...
CVE-2026-46134
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...
EUVD-2026-32761
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...
CVE-2026-46134
Summary: CVE-2026-46134 affects the Linux kernel, specifically the Thunderbolt path under platform/chrome for CrosEC Type-C. The root cause was that in cros_typec_register_thunderbolt(), the adata->lock mutex was not initialized, which can lead to a NULL dereference when the mutex is later acq...
CVE-2026-46134 platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...
PT-2026-44257
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros ec typec: Init mutex in Thunderbolt registration cros typec register thunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in cros typec...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported that mxl111sfctrlmsg uses an uninitialized mutex. The issue was in the incorrect location of the mutexinit call. Previously, the mutexinit&state-msglock call was in the...
EUVD-2026-27723
In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...
CVE-2026-43160
In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...
CVE-2026-43160
The vulnerability CVE-2026-43160 concerns the Linux kernel’s mfd: macsmc driver, where a mutex in struct apple_smc was not initialized in apple_smc_probe(). An uninitialized mutex can lead to occasional NULL pointer dereferences in apple_smc_read() invoked by probe() paths of subdevices. A patch ...
CVE-2026-43160 mfd: macsmc: Initialize mutex
In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct applesmc's mutex in applesmcprobe. Using the mutex uninitialized surprisingly resulted only in occasional NULL pointer dereferences in applesmcread calls from the probe functions of...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed a NULL pointer issue in freemrinit. A lock grab occurs in a concurrent scenario, resulting in dereferencing a NULL pointer. This issue should be addressed by using initmutexinit before attempting to lock...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: leds: mlxreg: Use devmmutexinit for mutex initialization In this driver, LEDs are registered using devmledclassdevregister, so they are automatically unregistered after the module’s remove function is called. The...
kernel: net/mlx5: fs, fix UAF in flow counter release
A use-after-free flaw was discovered in the Linux kernel’s mlx5 Net/MLX5 subsystem: within the function mlx5cmdhwsdeletefte the HWS action reference count and mutex for a local flow counter were not initialized, meaning the flow-counter structure could already be freed while deleting the rule. Th...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989012)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989012 advisory. In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported, that mxl111sfctrlmsg uses uninitializ...
EUVD-2025-34593
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...
UBUNTU-CVE-2025-39979
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...
CVE-2025-39979 net/mlx5: fs, fix UAF in flow counter release
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the HWS action refcount and mutex were not initialized and the counter...
CVE-2025-39979
CVE-2025-39979 affects the Linux kernel component involving net/mlx5 fs flow actions. The issue arises in releasing a local flow counter (mlx5_cmd_hws_delete_fte) where the HWS action refcount and mutex were not initialized, allowing a potential use-after-free of the counter struct when deleting ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986829)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986829 advisory. In the Linux kernel, the following vulnerability has been resolved: media: mxl111sf: change mutexinit location Syzbot reported, that mxl111sfctrlmsg uses uninitializ...