CVE-2026-52971

A flaw was found in the Linux kernel's Elastic Network Adapter ENA driver, specifically within the Precision Time Protocol Hardware Clock PHC timestamp retrieval function. A race condition exists where the gettimestamp function could attempt to access memory that has already been freed by the...

CVE-2026-53222

The CVE-2026-53222 entry concerns the Linux kernel PTP subsystem (ptp: ocp). The vulnerability arises from an incorrect order of resource freeing and unregistration during driver removal: ptp_ocp_detach() freed resources before ptp_clock_unregister(), creating a use-after-free condition. The fix ...

CVE-2026-53222

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix resource freeing order Commit a60fc3294a37 "ptp: rework ptpclockunregister to disable events" added a call to ptpdisableallevents which changes the configuration of pins if they support EXTTS events. In ptpocpdetach...

CVE-2026-52971 net: ena: PHC: Fix potential use-after-free in get_timestamp

In the Linux kernel, the following vulnerability has been resolved: net: ena: PHC: Fix potential use-after-free in gettimestamp Move the phc-active check and resp pointer assignment to after acquiring the spinlock. Previously, phc-active was checked without holding the lock, and resp was cached...

Oracle Linux 9 : kernel (ELSA-2026-19225)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19225 advisory. - xfrm: esp: avoid in-place decrypt on shared skb frags Sabrina Dubroca RHEL-174563 CVE-2026-43284 - crypto: authencesn - Do not place hiseq at end of...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fixed use-after-free bugs in otx2synctstamp. The original code relies on canceldelayedwork in otx2ptpDestroy, which does not ensure that the delayed work item synctstampwork has fully completed if it was already...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fixed the issue of receiving the timestamp in the frame for lan8841. The related commit began using the ptp workqueue to retrieve the second part of the timestamp. When the port is disabled, this workqueue is stopped...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Networking: DSA: Microchip: Fixed the error path in PTP IRQ setup. If the requestthreadedirq function fails during the PTP message IRQ setup, the newly created IRQ mapping is never disposed of. In fact, the error path in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Track xmit submissions to PTP WQ after populating the metadata map. Ensure that the skb is available in the metadata mapping to skbs before tracking the metadata index to detect undelivered CQEs. If the metadata ind...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - ice: fixed the issue where calls to PF PTP cleanup iceptpcleanuppf function and the ‘pslock’ mutex deinitialization were missed during error paths involving driver removal. The cleanup process for releasing PTP resources...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: A memory barrier is required to ensure that the PTP WQ xmit submission tracking occurs after populating the metadatamap. Simply reordering the functions mlx5eptpmetadatamapput and mlx5eptpsqtrackmetadata within the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ptp: Unregistering virtual clocks when unregistering a physical clock. When unregistering a physical clock that contains virtual clocks, the virtual clocks must also be unregistered. This fix resolves the following errors that...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: always set shared-phydev for LAN8814 Currently, during the LAN8814 PTP probe, shared-phydev is only set if the PTP clock is actually set. Otherwise, the function returns before setting it. This is a problem...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure that info-enable callback is always set. The ioctl and sysfs handlers call the -enable callback unconditionally. Not all drivers implement this callback, resulting in NULL dereferencing. Examples of affected drivers:...

kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild

A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...

kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild

A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...

CVE-2026-5072

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...

CVE-2026-5072

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...

PT-2026-42731

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTP MSG MANAGEMENT message to set an unvalidated negative log announce interval value in the port's data set. When a subsequent PT...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Ice: Fixed a NULL pointer dereferencing during VSI rebuild. A race condition occurred where PTP periodic work ran while VSI was being rebuilt, leading to access to NULL vsi-rxrings. The sequence was as follows: 1...