CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to view the data of kernel pages by providing a larger insize value in struct croseccommand1 when invoking EC host commands. This issue can be fixed b...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fixed memory corruption in ioctl. If “smem.bytes” is larger than the buffer size, it can lead to memory corruption...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013856)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013856 advisory. In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If smem.bytes is larger than the buffer size it...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010913)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010913 advisory. In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If smem.bytes is larger than the buffer size it...

ROS-20260128-73-0026

A vulnerability in the drivers/platform/chrome/crosecchardev.c module of the Linux kernel is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker to disclose protected information...

CVE-2025-68804

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...

SUSE CVE-2022-50570

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

CVE-2022-50570

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

UBUNTU-CVE-2022-50570

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

CVE-2022-50570

CVE-2022-50570 affects the Linux kernel in the platform/chrome ioctl path, where memory corruption can occur if s_mem.bytes exceeds the destination buffer. The issue is resolved in the SUSE-SU-2025:4320-1 advisory for SLES15 SP5, which indicates the kernel was updated to fix multiple vulnerabilit...

CVE-2022-50570 platform/chrome: fix memory corruption in ioctl

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: fix memory corruption in ioctl If "smem.bytes" is larger than the buffer size it leads to memory corruption...

CVE-2024-35977

A race condition vulnerability was found in the Linux kernel's crosecuart driver. This issue occurs because the crosecuartprobe function calls devmserdevdeviceopen before initializing the serdev-ops via serdevdevicesetclientops. This mismatch can cause a NULL pointer dereference when accessing...

CVE-2024-35977

CVE-2024-35977 : In the Linux kernel, a race in cros_ec_uart caused a NULL pointer dereference in serdev handling when devm_serdev_device_open() was called before serdev->ops were set. The crash path involves the code path that dereferences serdev->ops->receive_buf if serdev is present b...

CVE-2024-35977 platform/chrome: cros_ec_uart: properly fix race condition

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecuart: properly fix race condition The crosecuartprobe function calls devmserdevdeviceopen before it calls serdevdevicesetclientops. This can trigger a NULL pointer dereference: BUG: kernel NULL pointer...

CVE-2024-35977 platform/chrome: cros_ec_uart: properly fix race condition

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecuart: properly fix race condition The crosecuartprobe function calls devmserdevdeviceopen before it calls serdevdevicesetclientops. This can trigger a NULL pointer dereference: BUG: kernel NULL pointer...

chromium-browser: use after free in blink

A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...