169 matches found
SUSE CVE-2026-46157
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...
UBUNTU-CVE-2026-46157
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...
SUSE CVE-2026-46097
In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e "Input: edt-ft5x06 - use per-client debugfs directory" removed the manual debugfs teardown, relying on the I2C core to handle it. However, this...
UBUNTU-CVE-2026-46097
In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e "Input: edt-ft5x06 - use per-client debugfs directory" removed the manual debugfs teardown, relying on the I2C core to handle it. However, this...
CVE-2026-46097
CVE-2026-46097, Linux kernel edt-ft5x06 driver: The issue stems from removing manual debugfs teardown and relying on the I2C core, creating a window where debugfs files remain accessible after edt_ft5x06_ts_teardown_debugfs() frees tsdata->raw_buffer, risking use-after-free. The fix protects r...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed race conditions between concurrent hwparams and hwfree calls Currently, there are no proper checks or protections against concurrent calls to hwparams and hwfree ioctls, which may lead to a Use-After-Free error...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: intel-vbtn: Protected the ACPI notify handler from racing with itself. Since the commit e2ffcda16290 “ACPI: OSL: Allow Notify handlers to run on all CPUs”, ACPI notify handlers like intel-vbtn’s notifyhandler may ru...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently, tpm transactions are executed unconditionally in the tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driv...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: afs: Fixed the delayed allocation of a cell’s anonymous key. The allocation of a cell’s anonymous key is performed in a background thread, along with other cell-related operations such as making DNS calls. In the reported bug, th...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netconsole: The sumutex must be acquired before navigating the configs hierarchy. There is a race between operations that iterate over the cgchildren list and concurrent additions/removals of userdata items through configfs. The...
SUSE CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
EUVD-2026-28626
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
CVE-2026-43364
In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...
CVE-2026-43364
Summary (CVE-2026-43364) : In the Linux kernel ublk subsystem, a local attacker can trigger a NULL pointer dereference by sending UPDATE_SIZE to a ublk device that has been added but not started, or that has been stopped. The root cause is missing state validation in ublk_ctrl_set_size(), which d...
CVE-2026-43364 ublk: fix NULL pointer dereference in ublk_ctrl_set_size()
In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublkctrlsetsize ublkctrlsetsize unconditionally dereferences ub-ubdisk via setcapacityandnotify without checking if it is NULL. ub-ubdisk is NULL before UBLKCMDSTARTDEV completes it is only...
CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
CVE-2026-43342
CVE-2026-43342 concerns the Linux kernel USB gadget RNDIS driver (f_rndis). The issue arises from race conditions when RNDIS options (class/subclass/protocol) are accessed concurrently via configfs, enabling unsafe concurrent access. The remediation implemented is to protect these options using a...
CVE-2026-43342
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Protect RNDIS options with mutex The class/subclass/protocol options are suspectible to race conditions as they can be accessed concurrently through configfs. Use existing mutex to protect these options. This...
PT-2026-38993
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the USB gadget RNDIS driver where class, subclass, and protocol options can be accessed concurrently through configfs. This issue was discovered during code...