79 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: lenovo-yoga-tab2-pro-1380-fastcharger: Fixed the race condition in serdev. The yt21380fcserdevprobe function calls devmserdevdeviceopen before setting the client operations using serdevdevicesetclientops. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: delluartbacklight: Fixed the race condition involving serdev. The delluartblserdevprobe function calls devmserdevdeviceopen before setting the client ops using serdevdevicesetclientops. This ordering can lead to a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: w1: fixed NULL pointer dereferencing in the probe. The w1uartprobe function calls w1uartserdevopen which includes devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This order can lead to a NULL...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-dereferencing on non-serdev controllers during suspension Qualcomm ROME controllers can be registered through the Bluetooth interface. In this case, the HCI UART serdev pointer is NULL. A missing sanity...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca – fixed a NULL derefrence on non-serdev controllers. Qualcomm ROME controllers can be registered through the Bluetooth interface. In this case, the HCI UART serdev pointer is NULL. A sanity check was added to...
CVE-2026-43098
Summary (concrete details from provided documents): CVE-2026-43098 affects the Linux kernel NFC subsystem, specifically the s3fwrn5 driver, where s3fwrn82_uart_read() may consume bytes into recv_skb and deliver a complete frame before a new receive buffer is allocated. If alloc_skb() fails, the c...
Linux Distros Unpatched Vulnerability : CVE-2026-43098
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82uartread reports the number of accepted bytes to the serdev core. The current code consumes bytes...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciqca: Fixed the driver shutdown when the serdev is closed. The driver shutdown callback which sends EDLSOCRESET to the device via serdev should not be invoked when the HCI device is not open e.g., if hcidevopensyn...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecuart: properly fixed the race condition The crosecuartprobe function calls devmserdevdeviceopen before calling serdevdevicesetclientops. This can lead to a NULL pointer dereference: BUG: NULL pointer...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989210)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989210 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Fix driver shutdown on closed serdev The driver shutdown callback which sends...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-413363)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-413363 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot Commit 272970be3dab...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987045)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987045 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Fix driver shutdown on closed serdev The driver shutdown callback which sends...
EUVD-2025-2634
Malicious code in bioql PyPI...
EUVD-2025-2644
Malicious code in bioql PyPI...
CVE-2022-50374 Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer dereference at hciuartttyclose 1, for rcusyncenter is called without rcusyncinit due to hciuartttyopen ignoring percpuinitrwsem failure...
Linux Distros Unpatched Vulnerability : CVE-2022-48878
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Fix driver shutdown on closed serdev The driver shutdown callback which...
Linux Distros Unpatched Vulnerability : CVE-2024-35850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non- serdev setup Qualcomm ROME controllers can be...
Linux Distros Unpatched Vulnerability : CVE-2025-22084
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: w1: fix NULL pointer dereference in probe The w1uartprobe function calls w1uartserdevopen...
SUSE CVE-2025-22084
In the Linux kernel, the following vulnerability has been resolved: w1: fix NULL pointer dereference in probe The w1uartprobe function calls w1uartserdevopen which includes devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer...
DEBIAN-CVE-2025-22084
In the Linux kernel, the following vulnerability has been resolved: w1: fix NULL pointer dereference in probe The w1uartprobe function calls w1uartserdevopen which includes devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This ordering can trigger a NULL pointer...