Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in the successful path. Setting tty-discdata before opening the NCI device means that we need to clean up the state in error paths. This also creates a short window during which the device ma...

CVE-2026-43291

CVE-2026-43291 affects the Linux kernel NFC NCI subsystem. A parameter validation flaw for variable-length data packets can trigger a DoS by breaking NFC communication with NCI chips. Root cause: code compared variable-length packet data against a maximum length derived from sizeof(struct), ignor...

Astra Linux - уязвимость в linux, linux-5.10

A use-after-free flaw was discovered in ncirequest in net/nfc/nci/core.c within the NFC Controller Interface NCI in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race issue while the device is being removed, leading to a privilege escalation...

CVE-2026-23330 nfc: nci: complete pending data exchange on device close

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: complete pending data exchange on device close In nciclosedevice, complete any pending data exchange before closing. The data exchange callback e.g. rawsockdataexchangecomplete holds a socket reference. NIPA occasionall...

CVE-2026-23330

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: complete pending data exchange on device close In nciclosedevice, complete any pending data exchange before closing. The data exchange callback e.g. rawsockdataexchangecomplete holds a socket reference. NIPA occasionall...

CVE-2026-23167

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nciunregisterdevice. syzbot reported the splat below 0 without a repro. It indicates that struct ncidev.cmdwq had been destroyed before nciclosedevice was called via rfkill. ncidev.cmdwq is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001468)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001468 advisory. A use-after-free flaw was found in ncirequest in net/nfc/nci/core.c in NFC Controller Interface NCI in the Linux kernel. This flaw could allow a local attacker with...

net: nfc: nci: Add parameter validation for packet data

...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414530)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414530 advisory. A use-after-free flaw was found in ncirequest in net/nfc/nci/core.c in NFC Controller Interface NCI in the Linux kernel. This flaw could allow a local attacker with...

EUVD-2021-34060

Malicious code in bioql PyPI...

NFC: nci: uart: Set tty->disc_data only in success path

...

Linux Distros Unpatched Vulnerability : CVE-2021-4202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in ncirequest in net/nfc/nci/core.c in NFC Controller Interface NCI in the Linux kernel. This flaw could allow a local attacker...

SUSE CVE-2023-52919

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix possible NULL pointer dereference in sendacknowledge Handle memory allocation failure from nciskballoc calling allocskb to avoid possible NULL pointer dereference...

UBUNTU-CVE-2023-52919

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix possible NULL pointer dereference in sendacknowledge Handle memory allocation failure from nciskballoc calling allocskb to avoid possible NULL pointer dereference...

nfc: nci: Fix uninit-value in nci_rx_work

...

Ubuntu 16.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6926-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6926-3 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions,...

USN-6926-2: Linux kernel vulnerabilities

黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...

Ubuntu 14.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6926-2)

The remote Ubuntu 14.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6926-2 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure...

USN-6938-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a bitmap. A local attacker could use this to cause a denial of service system crash. CVE-2022-48619 黄思聪 discovered that the NFC Controller Interface NCI...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6938-1)

"The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6938-1 advisory. It was discovered that the device input subsystem in the Linux kernel did not properly handle the case when an event code falls outside of a...