4528 matches found
CVE-2026-31549
In the Linux kernel, the following vulnerability has been resolved: i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the string exists. Verify that the device has a serial number before...
CVE-2026-31604
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
CVE-2026-31604
The CVE-2026-31604 issue concerns the Linux kernel’s wifi: rtw88 driver. A memory leak arose because the driver grabbing a reference to the USB device during probe did not release it on all probe errors (e.g., descriptor parsing failures) while the interface remained bound to a driver. The fix dr...
CVE-2026-31604 wifi: rtw88: fix device leak on probe failure
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
CVE-2026-31604
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
EUVD-2026-25497
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...
EUVD-2026-25469
In the Linux kernel, the following vulnerability has been resolved: media: hackrf: fix to not free memory after the device is registered in hackrfprobe In hackrf driver, the following race condition occurs: CPU0 CPU1 hackrfprobe kzalloc; // alloc hackrfdev .... v4l2deviceregister; .... fd =...
CVE-2026-31576 media: hackrf: fix to not free memory after the device is registered in hackrf_probe()
In the Linux kernel, the following vulnerability has been resolved: media: hackrf: fix to not free memory after the device is registered in hackrfprobe In hackrf driver, the following race condition occurs: CPU0 CPU1 hackrfprobe kzalloc; // alloc hackrfdev .... v4l2deviceregister; .... fd =...
EUVD-2026-25466
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Fix kernel panic due to initconst misuse Fix a kernel panic when probing the driver as a module: Unable to handle kernel paging request at virtual address ffffd9c18eb05000 offindmatchingnodeandmatch+0x5c/0x1a0...
CVE-2026-31573 media: verisilicon: Fix kernel panic due to __initconst misuse
In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Fix kernel panic due to initconst misuse Fix a kernel panic when probing the driver as a module: Unable to handle kernel paging request at virtual address ffffd9c18eb05000 offindmatchingnodeandmatch+0x5c/0x1a0...
CVE-2026-31573
The vulnerability CVE-2026-31573 affects the Linux kernel media: verisilicon hantro_vpu driver. When built as a module, incorrect use of the __initconst annotation frees data prematurely, and non-init probe code later accesses this freed data, causing a kernel panic (page fault) during hantro_pro...
CVE-2026-31572 i2c: designware: amdisp: Fix resume-probe race condition issue
In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fix resume-probe race condition issue Identified resume-probe race condition in kernel v7.0 with the commit 38fa29b01a6a "i2c: designware: Combine the init functions",but this issue existed from the...
CVE-2026-31572
CVE-2026-31572 involves the Linux kernel driver for the i2c: designware: amdisp. A race exists between probe and runtime PM resume: when the ISP is powered on via runtime PM before probe completes, the amdisp I2C resume can occur early, causing a NULL dereference in kernel v7.0. The fix uses genp...
EUVD-2026-25465
In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fix resume-probe race condition issue Identified resume-probe race condition in kernel v7.0 with the commit 38fa29b01a6a "i2c: designware: Combine the init functions",but this issue existed from the...
CVE-2026-31572
In the Linux kernel, the following vulnerability has been resolved: i2c: designware: amdisp: Fix resume-probe race condition issue Identified resume-probe race condition in kernel v7.0 with the commit 38fa29b01a6a "i2c: designware: Combine the init functions",but this issue existed from the...
CVE-2026-31562
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi struct, so this structure needs to be...
CVE-2026-31562
Summary: CVE-2026-31562 affects the Linux kernel DRM/mediatek DSI driver. A local attacker could trigger a NULL pointer dereference due to an uninitialized drvdata being read during mipi_dsi_host_register, causing a crash in mediatek-drm probe and blocking subsequent DRM operations. The fixed beh...
CVE-2026-31562 drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi struct, so this structure needs to be...
CVE-2026-31549 i2c: cp2615: fix serial string NULL-deref at probe
In the Linux kernel, the following vulnerability has been resolved: i2c: cp2615: fix serial string NULL-deref at probe The cp2615 driver uses the USB device serial string as the i2c adapter name but does not make sure that the string exists. Verify that the device has a serial number before...
CVE-2026-31549
CVE-2026-31549 relates to the Linux kernel cp2615 I2C driver. The vulnerability arises when the driver uses the USB device serial string as the i2c adapter name but does not ensure the string exists, potentially causing a NULL pointer dereference if a device lacks a serial number. Documented impa...