CVE-2026-23368 net: phy: register phy led_triggers during probe to avoid AB-BA deadlock

In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy ledtriggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDSTRIGGERNETDEV and LEDTRIGGERPHY are enabled: 1362.049207 ledtriggerregister+0x5c/0x1fc...

CVE-2026-23306

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free in pm8001queuecommand Commit e29c47fe8946 "scsi: pm8001: Simplify pm8001taskexec" refactors pm8001queuecommand, however it introduces a potential cause of a double free scenario when it changes th...

Linux Distros Unpatched Vulnerability : CVE-2026-23368

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phy: register phy ledtriggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDSTRIGGERNETDEV and LEDTRIGGERPHY are enabled:...

CLSA-2026-1773045484 kernel: Fix of 28 CVEs

fix: dm: fix dmblkreportzones CVE-2025-38141 - ice: Fix a null pointer dereference in icecopyandinitpkg CVE-2025-38664 - qed: Don't collect too many protection override GRC elements CVE-2025-39949 - drm/amd/display: Avoid a NULL pointer dereference CVE-2025-39693 - iommu/amd/pgtbl: Fix possible...

ROS-20260306-73-0003

A vulnerability in the phy component of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005801)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005801 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisiinnophyprobe The size of array 'priv-ports' is...

SUSE-SU-2026:0473-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. - CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc125254...

SUSE CVE-2025-71193

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

SUSE CVE-2026-23081

In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call ofputnode to correctly maintain the refcount...

CVE-2026-23081

A flaw was found in the Linux kernel's intel-xway PHY Physical Layer driver. This vulnerability involves an improper management of Open Firmware OF node reference counts. A local attacker could exploit this by repeatedly triggering a specific condition, leading to resource exhaustion and ultimate...

CVE-2026-23081

In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call ofputnode to correctly maintain the refcount...

CVE-2025-71193

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

CVE-2026-23081

In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call ofputnode to correctly maintain the refcount...

UBUNTU-CVE-2025-71193

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

CVE-2026-23081

Summary: CVE-2026-23081 affects the Linux kernel intel-xway PHY driver, where an OF node reference-count leakage could occur. The root cause is improper management of Open Firmware (OF) node refcounts when checking the presence of the 'leds' child node. The fix adds a correct refcount maintenance...

EUVD-2025-206805

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

CVE-2025-71193 phy: qcom-qusb2: Fix NULL pointer dereference on early suspend

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

CVE-2025-71193

The CVE-2025-71193 family (Linux kernel: phy: qcom-qusb2) describes a NULL pointer dereference during early suspend caused by enabling runtime PM before the QPHY driver data is attached. This creates a window where suspend callbacks may run with invalid driver data, leading to sporadic boot crash...

CVE-2025-71193 phy: qcom-qusb2: Fix NULL pointer dereference on early suspend

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data...

ROS-20260203-73-0042

A vulnerability in the phyledtriggers.c component of the Linux operating system kernel is related to improper memory freeing before deleting the last reference. Exploitation of the vulnerability could allow an attacker to cause a denial of service...