368 matches found
EUVD-2026-32792
In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace period. So, either in an RCU call or after the synchronizenet. The...
CVE-2026-45900
crypto: caam - fix netdev memory leak in dpaa2caamprobe...
Linux Distros Unpatched Vulnerability : CVE-2026-45866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach Syzbot reported a use-after-free in tundetach. This causes a call trace like the following: ================================================================== BUG: KASAN: use-after-free i...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: The sun4iCan driver’s ndochangemtu function needs to be updated to prevent buffer overflows. Sending a PFPACKET message allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xsk: Validate the MTU against the usable frame size when binding. The AFXDP binding currently accepts zero-copy pool configurations without verifying that the device’s MTU fits within the usable frame space provided by the UMEM...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000drvremove dm is netdev private data, and it cannot be used after the freenetdev call. Using dm after freenetdev can cause a UAF bug. This issue was fixed by moving the freenetdev call to the end of...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fix the return type of netcpndostartxmit With Clang’s Kernel Control Flow Integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to ensure that the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet: mtkppe – Avoid NULL dereferencing when gmac0 is disabled. If gmac0 is disabled, the precheck for a valid ingress device will cause a NULL pointer dereferencing, leading to a system crash. This occurs because...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: sfc: fixed a deadlock in the RSS config read operation. Since the referenced commit, core locked the rsslock of netdevice when handling the ethtool -x command. Therefore, the driver’s implementation should no longer lock it. Remo...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: The mcbausb driver’s ndochangemtu function needs to be updated to prevent buffer overflows. Sending a PFPACKET message allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fixed an NPE in gncmBind. The commit 56a512a9b410 “usb: gadget: fncm: Aligned netdevice lifecycle with bind/unbind” deferred the allocation of the netdevice. This change results in a NULL pointer derefrence in t...
Linux Distros Unpatched Vulnerability : CVE-2026-43422
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncmbind Commit 56a512a9b410 usb: gadget: fncm: align netdevice...
CVE-2026-43479
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...
CVE-2026-43479
The CVE-2026-43479 entry concerns the Linux kernel’s LAN78xx USB Ethernet driver. A WARN was observed in __netif_napi_del_locked during USB device disconnect because netif_napi_del() was redundantly called in the disconnect path while NAPI was still enabled. The fix removes this redundant call si...
SUSE CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
SUSE CVE-2026-43422
In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncmbind Commit 56a512a9b410 "usb: gadget: fncm: align netdevice lifecycle with bind/unbind" deferred the allocation of the netdevice. This change leads to a NULL pointer dereference in the legacy NCM...
CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...
UBUNTU-CVE-2026-43421
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...