CVE-2026-46239

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/pm: fixed a random hang during S4 for SMU v13.0.4/11. During multiple S4 stress tests, GC/RLC/PMFW entered an invalid state, leading to hard hangs. Adding a GFX reset as a workaround just before sending the MP1UNLOAD...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: stm32-ospi: Fixed a resource leak in the remove callback. The remove callback returned early if pmruntimeresumeandget failed, skipping the cleanup of the SPI controller and other resources. This issue has been addressed by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Drivers: Ethernet: cpsw – A panic occurs when the interrupt coalescing setting is applied via ethtool. The cpswethtoolbegin function directly returns the result of pmruntimegetsync. When successful, pmruntimegetsync returns...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fixed a reference leak when pmruntimegetsync fails The PM reference count is not expected to be incremented upon returning from lpi2cimxmasterenable. However, pmruntimegetsync will still increment the PM reference...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: media: mediatek: vcodec: fix decoder disable pm crash It is not possible to call pmruntimedisable when the architecture supports a sub-device for “dev-pm.dev” is NUll, or it may result in a crash log. 10.771551 pc :...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fixed the imbalance in the PM usage counter during power-on. The pmruntimegetsync function will increment the PM usage counter even if it fails. Forgetting to perform the necessary operations could lead to a...

Astra Linux - уязвимость в cgal

There are multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted, malformed file can lead to an out-of-bounds read and type confusion, which may result in code execution. An attacker can provide malicious input to trigger a...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: soc: brcmstb: pm-arm: Fixed bugs related to reference count leaks and iomem leaks. In brcmstbpmprobe, there are two types of leak bugs: 1 We need to add ofnodeput when foreachmatchingnode breaks. 2 We need to add iounmap for...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: adc: rzg2ladc: Set the driver data before enabling runtime PM When performing stress tests on the system by repeatedly unbinding and binding the ADC device in a loop, and the ADC serves as a supplier for another device e.g.,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fixed a reference leak in ofdra7atlclkprobe. pmruntimegetsync will increment the pm usage counter. Forgetting to perform the necessary operations would result in a reference leak. Added the missing...

Astra Linux - уязвимость в cgal

Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021633)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021633 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fwinfo is not null before using it This resolves the dereference null retu...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021617 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021612)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021612 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix the null pointer dereference for vega10hwmgr Check return value and conduct null...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021610 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in applystateadjustrules Check the pointer value ...

SUSE CVE-2026-43357

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050-core: fix pmruntime error handling The return value of pmruntimegetsync is not checked, allowing the driver to access hardware that may fail to resume. The device usage count is also unconditionally incremented...

PT-2026-40440

Name of the Vulnerable Software and Affected Versions cPanel & WHM affected versions not specified Description Improper sanitization of the status query parameter in the '/unprotected/nova error' endpoint allows an unauthenticated attacker to inject arbitrary HTTP headers into the response...

EUVD-2026-28663

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050-core: fix pmruntime error handling The return value of pmruntimegetsync is not checked, allowing the driver to access hardware that may fail to resume. The device usage count is also unconditionally incremented...