Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Added parameter validation for packet data. Syzbot reported a bug involving uninitialized values in nciinitreq. This bug was introduced through the commit 5aca7966d2a7 “Merge tag...

UBUNTU-CVE-2026-23330

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: complete pending data exchange on device close In nciclosedevice, complete any pending data exchange before closing. The data exchange callback e.g. rawsockdataexchangecomplete holds a socket reference. NIPA occasionall...

PT-2026-27704

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The nci transceive function in the Linux kernel does not free memory allocated to skb socket buffer in certain error scenarios, specifically when encountering -EPROTO, -EINVAL, or -EBUSY...

CVE-2022-50854

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987240 advisory. In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfctarget arrays While running under CONFIGFORTIFYSOURCE=y, syzkall...

DEBIAN-CVE-2022-49059

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...

UBUNTU-CVE-2022-48967

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfctarget arrays While running under CONFIGFORTIFYSOURCE=y, syzkaller reported: memcpy: detected field-spanning write size 129 of single field "target-sensfres" at net/nfc/nci/ntf.c:260 size 18 This...

DEBIAN-CVE-2024-38381

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in ncirxwork syzbot reported the following uninit-value access issue 1 ncirxwork parses received packet from ndev-rxq. It should be validated header size, payload size and total packet size before...

UBUNTU-CVE-2024-26825

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free rxdatareassembly skb on NCI device cleanup rxdatareassembly skb is stored during NCI data exchange for processing fragmented packets. It is dropped only when the last fragment is processed or when an NTF packet wit...

PT-2024-11832 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a lack of bounds checking in the nci add new protocol function, which can lead to a field-spanning write. This was detected by syzkaller while running under...

Out-of-bounds

In nciprocrfmanagementntf of ncihrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...