728 matches found
EUVD-2026-39843
In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...
CVE-2026-53308
CVE-2026-53308 concerns a Linux kernel issue in the max77705 power supply driver. The patch changes workqueue handling by using the devm interface for allocating the workqueue to fix two bugs: (1) memory leaks on remove() because the workqueue wasn’t destroyed, and (2) incorrect destroy/free orde...
PT-2026-52947
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak and a use-after-free issue exist in the max77705 power supply driver. The driver fails to destroy the allocated workqueue during the remove process, leading to memory...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Revert “usb: typec: ucsi: add a common function ucsiunregisterconnectors”. The recent commit 87d0e2f41b8c “usb: typec: ucsi: add a common function ucsiunregisterconnectors” introduced a regression that caused NULL dereferencing...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: power: supply: core: Fixed the boundary conditions in interpolation. The functions powersupplytemp2resistsimple and powersupplyocv2capsimple incorrectly handle boundary conditions. This issue was introduced in the code change...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe. The dwc3getproperties function calls: dwc-usbpsy = powersupplygetbynameusbpsyname; So some additional cleanup is required along these error paths...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: power: supply: fixed null pointer dereferencing in powersupplygetbatteryinfo. When kmalloc fails to allocate memory in kasprintf, propname will be NULL. The strcmp function called by ofgetproperty will cause a null pointer...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Power: Supply: ADP5061: Fix for out-of-bounds read in adp5061getchgtype The fields ADP5061CHGSTATUS and CHGSTATUS are masked with 0x07, which indicates a length of 8. However, the adp5061chgtype array has a size of 4. This may...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Power: Supply: bq25890: Fix externalpowerchanged race The bq25890chargerexternalpowerchanged callback dereferences the bq-charger variable. This variable is set in bq25890powersupplyinit like this: c bq-charger =...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered The powersupply framework is not actually designed to have long-term references to powersupply devices in the kernel. Specifically, unregistering a...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A issue was discovered in the Linux kernel before version 6.2.9. A use-after-free was found in the bq24190remove function in the file drivers/power/supply/bq24190charger.c. This could allow a local attacker to cause the system to crash due to a race condition...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: power: supply: cpcap-charger: Fixed the null check for powersupplygetbyname. In the cpcapusbdetect function, the powersupplygetbyname function may return NULL instead of an error pointer. To prevent potential null pointer...
CVE-2025-71318 NetMan 204 Missing Authentication for Administrative Functions
NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...
EUVD-2025-210079
NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...
CVE-2025-71318 NetMan 204 Missing Authentication for Administrative Functions
NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...
PT-2026-47014
Name of the Vulnerable Software and Affected Versions NetMan 204 affected versions not specified Description Authentication is not enforced on administrative pages and command endpoints. A remote, unauthenticated attacker can directly request pages such as 'administration.html',...
MINI-PWR6-295C-2PPH
Bulletin has no description...
SUSE CVE-2026-46270
In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...
Linux Distros Unpatched Vulnerability : CVE-2026-46270
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - power: supply: rt9455: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the...
CVE-2026-46270
In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...