169 matches found
SUSE CVE-2026-46157
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...
UBUNTU-CVE-2026-46157
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...
SUSE CVE-2026-46097
In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e "Input: edt-ft5x06 - use per-client debugfs directory" removed the manual debugfs teardown, relying on the I2C core to handle it. However, this...
UBUNTU-CVE-2026-46097
In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e "Input: edt-ft5x06 - use per-client debugfs directory" removed the manual debugfs teardown, relying on the I2C core to handle it. However, this...
CVE-2026-46097
CVE-2026-46097, Linux kernel edt-ft5x06 driver: The issue stems from removing manual debugfs teardown and relying on the I2C core, creating a window where debugfs files remain accessible after edt_ft5x06_ts_teardown_debugfs() frees tsdata->raw_buffer, risking use-after-free. The fix protects r...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netconsole: The sumutex must be acquired before navigating the configs hierarchy. There is a race between operations that iterate over the cgchildren list and concurrent additions/removals of userdata items through configfs. The...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: afs: Fixed the delayed allocation of a cell’s anonymous key. The allocation of a cell’s anonymous key is performed in a background thread, along with other cell-related operations such as making DNS calls. In the reported bug, th...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed race conditions between concurrent hwparams and hwfree calls Currently, there are no proper checks or protections against concurrent calls to hwparams and hwfree ioctls, which may lead to a Use-After-Free error...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: intel-vbtn: Protected the ACPI notify handler from racing with itself. Since the commit e2ffcda16290 “ACPI: OSL: Allow Notify handlers to run on all CPUs”, ACPI notify handlers like intel-vbtn’s notifyhandler may ru...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: arm64: The issue was fixed in the concurrently setting of insnemulation sysctls. The emulationprochandler function changes table-data for procdointvecminmax. However, it may cause an OOPs error if called concurrently with itself:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Added mutex protection for workqueue The workqueue may execute late, even after remoteproc is stopped or disabled. Some resources such as the rpmsg device and endpoint have been released in...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently, tpm transactions are executed unconditionally in the tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driv...
SUSE CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
EUVD-2026-28626
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
CVE-2026-43364
In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...
CVE-2026-43364 ublk: fix NULL pointer dereference in ublk_ctrl_set_size()
In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...
CVE-2026-43364
Summary (CVE-2026-43364) : In the Linux kernel ublk subsystem, a local attacker can trigger a NULL pointer dereference by sending UPDATE_SIZE to a ublk device that has been added but not started, or that has been stopped. The root cause is missing state validation in ublk_ctrl_set_size(), which d...
CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
CVE-2026-43342
CVE-2026-43342 concerns the Linux kernel USB gadget RNDIS driver (f_rndis). The issue arises from race conditions when RNDIS options (class/subclass/protocol) are accessed concurrently via configfs, enabling unsafe concurrent access. The remediation implemented is to protect these options using a...