Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: soc: qcom: smsmm: Fixed refcount leaks in qcomsmsmprobe There are two refcount leaks in qcomsmsmprobe: 1 The localnode variable is escaped from foreachchildofnode at the end of the iteration. We should call ofnodeput for it in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “arm64: dts: qcom: sdm845: Affirm IDR0.CCTW on appssmmu” has been reverted. There are reports that the pagetable walker cache coherence does not remain consistent across various SDM845/850 devices, leading to lock-ups and resets...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23026)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...

CVE-2026-46286

A flaw was found in the Linux kernel's qcom-lpg LED driver. This vulnerability, an array overflow, occurs when the driver attempts to select high-resolution values. Due to incorrect indexing, the system may read random data from memory, which could lead to information disclosure or unpredictable...

CVE-2026-46286

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

CVE-2026-46286

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull from a 3 bit register, yet the array being indexed has only 5 values i...

CVE-2026-46286

CVE-2026-46286 affects the Linux kernel’s leds: qcom-lpg driver. Root cause: selecting high-resolution values uses FIELD_GET() from a 3-bit register while indexing into an array that has only 5 values, risking out-of-bounds access. The description states this was resolved by adding a proper bound...

PT-2026-47358

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An array overflow occurs in the qcom-lpg LED driver. The FIELD GET function retrieves a value from a 3-bit register to index an array; however, the array contains only 5 elements. This...

Linux Distros Unpatched Vulnerability : CVE-2026-46286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELDGET is used to pull...

AlmaLinux 10 : kernel (ALSA-2026:18134)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:18134 advisory. kernel: tcpbpf: Fix the skmemuncharge logic in tcpbpfsendmsg CVE-2024-56633 kernel: KVM: x86: Load DR6 with guest value only before entering .vcpurun lo...

EUVD-2026-34109

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the clk qcom gfx3d module. When determining the GFX3D clock rate, the parent mapping does not...

Linux Distros Unpatched Vulnerability : CVE-2026-46143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This...

Fedora 44 : linux-firmware (2026-2b07c67f06)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2b07c67f06 advisory. Update to 20260519: ASoC: tas2783: Add Firmware files for tas2783A projects add firmware for MT7927 WiFi device Add HP ISH firmware for Intel Panther Lake...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: led: qcom-lpg: Fixed sleeping in atomic operations The lpgh brightnessset function can enter a sleeping state, while the led’s brightnessset callback must be non-blocking. The LPG driver should use brightnesssetblocking instea...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes The change to dynamic IDs for SM8450 platform interconnects left two links unconverted. This issue was fixed to avoid NULL pointer dereference during runtim...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: rpmpd: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it mig...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such an entry to the end of the arrays where it is missing, in order to avoid...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gcc-ipq5018: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such an entry to the end of the arrays where it is missing, in order to avoid...

Linux Distros Unpatched Vulnerability : CVE-2026-43335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icclinknodes The change to dynam...