1816 matches found
EUVD-2026-44979
A potential out-of-bounds write vulnerability could allow a local privileged attacker to modify power management settings in System Management Mode...
CVE-2026-10587
A potential out-of-bounds write vulnerability could allow a local privileged attacker to modify power management settings in System Management Mode...
CVE-2026-10587
CVE-2026-10587 is described in connected documents as a potential out-of-bounds write vulnerability that could allow a local privileged attacker to modify power management settings in System Management Mode. The root cause is an out-of-bounds write; impact is indicated as high on integrity and av...
[SECURITY] Fedora 44 Update: upower-1.91.3-1.fc44
UPower formerly DeviceKit-power provides a daemon, API and command line tools for managing power devices attached to the system...
Linux Distros Unpatched Vulnerability : CVE-2026-53340
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If...
CVE-2026-53340
A flaw was found in the Linux kernel's i2c: imx driver. During runtime power management, an inconsistency between the clock and pinctrl states can occur. If the pinctrl state fails to switch to sleep mode after the clock is disabled, the clock remains off. This can lead to a system crash when the...
UBUNTU-CVE-2026-53340
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...
CVE-2026-53340
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...
CVE-2026-53340
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...
CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure
The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...
CVE-2026-53297
A flaw was found in the Linux kernel's mana network driver. This vulnerability occurs when the manaremove function is invoked a second time without proper checks after a power management PM resume failure and subsequent driver unbinding. A local attacker could exploit this double invocation to...
SUSE CVE-2026-53297
In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...
CVE-2026-53056
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: fix mismatch between power and frequency During DPU runtime suspend, calling devpmoppsetratedev, 0 drops the MMCX rail to MINSVS while the core clock frequency remains at its original highest rate. When runtime resum...
EUVD-2026-38924
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: fix mismatch between power and frequency During DPU runtime suspend, calling devpmoppsetratedev, 0 drops the MMCX rail to MINSVS while the core clock frequency remains at its original highest rate. When runtime resum...
CVE-2026-53056
Summary (CVE-2026-53056) Affected component: Linux kernel – drm/msm/dpu driver. Root cause: During DPU runtime suspend, the code calls dev_pm_opp_set_rate(dev, 0), which drops the MMCX rail to MIN_SVS while the core clock remains at the original high frequency, creating a mismatch between rail vo...
CVE-2026-53056 drm/msm/dpu: fix mismatch between power and frequency
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: fix mismatch between power and frequency During DPU runtime suspend, calling devpmoppsetratedev, 0 drops the MMCX rail to MINSVS while the core clock frequency remains at its original highest rate. When runtime resum...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: “drm/amd: Check if ASPM is enabled from the PCIe subsystem” has been reverted. This reversion is associated with the commit 7294863a6f01248d72b61d38478978d638641bee. This commit was erroneously applied again after the commit...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disabling MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this period e.g., from...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/shtmu: Always leave the device running after a probe. The TMU device can be used both as a clocksource and as a clockevent provider. The driver attempts to manage its own power state and clock settings—turning...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fixed NULL pointer dereferencing during early suspends. Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereferencing in runtime PM callbacks that expect valid...