CVE-2026-45911

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: eth: alx: takes rtnllock when resuming. Zbynek reports that alx fails an RTNL assertion when resuming. RTNL: The assertion failed at net/core/dev.c 2891. RIP: 0010: netifsetrealnumtxqueues + 0x1ac/0x1c0. Call Trace: alxopen +...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a system hang that occurs when resuming with a Thunderbolt monitor. Why The issue arises when using a Thunderbolt monitor and performing suspend operations; the system may hang during resume. During the...

openSUSE 16 Security Update : go1.25 (openSUSE-SU-2026:20214-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20214-1 advisory. Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code...

CVE-2025-68334 platform/x86/amd/pmc: Add support for Van Gogh SoC

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Add support for Van Gogh SoC The ROG Xbox Ally non-X SoC features a similar architecture to the Steam Deck. While the Steam Deck supports S3 s2idle causes a crash, this support was dropped by the Xbox Ally...

UBUNTU-CVE-2022-50498

In the Linux kernel, the following vulnerability has been resolved: eth: alx: take rtnllock on resume Zbynek reports that alx trips an rtnl assertion on resume: RTNL: assertion failed at net/core/dev.c 2891 RIP: 0010:netifsetrealnumtxqueues+0x1ac/0x1c0 Call Trace: alxopen+0x230/0x570 alx...

SUSE CVE-2025-38725

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: add phymask for ax88772 mdio bus Without setting phymask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range from 0x00 0x1f. DLink DUB-E100 H/W Ver B1 is such ...

CVE-2025-38725

CVE-2025-38725 affects the Linux kernel net: usb: asix_devices driver handling of ax88772 MDIO bus. Without a phy_mask, the driver could create up to 32 MDIO phy devices (addresses 0x00–0x1f). Only one main phy binds to the net phy driver, causing issues during suspend/resume where phy_polling_mo...

Linux Distros Unpatched Vulnerability : CVE-2021-46914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix unbalanced device enable/disable in suspend/resume pcidisabledevice called in...

CVE-2022-50064 virtio-blk: Avoid use-after-free on suspend/resume

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...

CVE-2022-50064 virtio-blk: Avoid use-after-free on suspend/resume

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...

CVE-2025-37847

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in ivpumscleanup Fix deadlock in ivpumscleanup by preventing runtime resume after filepriv-mslock is acquired. During a failure in runtime resume, a cold boot is executed, which calls ivpumscleanupall. Th...

CVE-2025-37847 accel/ivpu: Fix deadlock in ivpu_ms_cleanup()

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in ivpumscleanup Fix deadlock in ivpumscleanup by preventing runtime resume after filepriv-mslock is acquired. During a failure in runtime resume, a cold boot is executed, which calls ivpumscleanupall. Th...

CVE-2025-37847 accel/ivpu: Fix deadlock in ivpu_ms_cleanup()

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix deadlock in ivpumscleanup Fix deadlock in ivpumscleanup by preventing runtime resume after filepriv-mslock is acquired. During a failure in runtime resume, a cold boot is executed, which calls ivpumscleanupall. Th...

CVE-2025-37847

CVE-2025-37847: In the Linux kernel, a deadlock could occur in accel/ivpu during ivpu_ms_cleanup() when runtime resume acquires file_priv->ms_lock, leading to a cold boot path that calls ivpu_ms_cleanup_all(). The issue is resolved by preventing runtime resume after ms_lock is acquired, avoidi...

Linux Distros Unpatched Vulnerability : CVE-2024-57809

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, as documented in the NXP errata...

CVE-2025-21730 wifi: rtw89: avoid to init mgnt_entry list twice when WoWLAN failed

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: avoid to init mgntentry list twice when WoWLAN failed If WoWLAN failed in resume flow, the rtw89opsaddinterface triggered without removing the interface first. Then the mgntentry list init again, causing the listempt...

CVE-2022-49687

CVE-2022-49687 documents a Linux kernel vulnerability in virtio_net where suspend/resume can trigger a driver bug warning due to xdp_rxq_info not being unregistered/registered during freeze/restore. The root cause is that virtnet_freeze() frees the receive_queue (including xdp_rxq_info) without c...

CVE-2022-49624 net: atlantic: remove aq_nic_deinit() when resume

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: remove aqnicdeinit when resume aqnicdeinit has been called while suspending, so we don't have to call it again on resume. Actually, call it again leads to another hang issue when resuming from S3. Jul 8 03:09:44...

CVE-2022-49624 net: atlantic: remove aq_nic_deinit() when resume

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: remove aqnicdeinit when resume aqnicdeinit has been called while suspending, so we don't have to call it again on resume. Actually, call it again leads to another hang issue when resuming from S3. Jul 8 03:09:44...