Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990521 advisory. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988670)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988670 advisory. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: rpmpd: Check for null return of devmkcalloc Because of the possible failure of the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986863)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986863 advisory. In the Linux kernel, the following vulnerability has been resolved: soc: qcom: rpmpd: Check for null return of devmkcalloc Because of the possible failure of the...

SUSE CVE-2025-22014

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to add the look up for the service and does schedule locator work, later a process B got a new server packet indicating locator is up and cal...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-779)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-779 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid CVE-2023-53728 In the Linux kernel, the following vulnerability has...

SUSE CVE-2024-46693

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmicglink: Fix race during initialization As pointed out by Stephen Boyd it is possible that during initialization of the pmicglink child drivers, the protection-domain notifiers fires, and the associated work is...

CVE-2024-46693

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmicglink: Fix race during initialization As pointed out by Stephen Boyd it is possible that during initialization of the pmicglink child drivers, the protection-domain notifiers fires, and the associated work is...

CVE-2024-46689

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...

CVE-2024-46693

CVE-2024-46693 (Linux kernel) : A race during initialization of soc: qcom: pmic_glink drivers can dereference a NULL client pointer due to the client object being used before client registration completes. The root cause is that protection-domain notifiers can fire and schedule work before the cl...

CVE-2024-46689

CVE-2024-46689 affects the Linux kernel function soc: qcom: cmd-db. The root cause is mapping the shared cmd-db memory region as WB instead of WC, which can trigger an XPU write-protection false positive that leads to a secure interrupt and an endless loop in Trust Zone. Qualcomm Hypervisor curre...

CVE-2024-46689 soc: qcom: cmd-db: Map shared memory as WC, not WB

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...

CVE-2024-43850

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmonremove The following warning is seen during bwmonremove due to refcount imbalance, fix this by releasing the OPPs after use. Logs: WARNING: at drivers/opp/core.c:1640...

CVE-2024-43850

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmonremove The following warning is seen during bwmonremove due to refcount imbalance, fix this by releasing the OPPs after use. Logs: WARNING: at drivers/opp/core.c:1640...

CVE-2024-43850

CVE-2024-43850 affects the Linux kernel’s Qualcomm icc-bwmon: a refcount imbalance can occur during bwmon_remove, triggering a kernel warning and potentially delaying OPP releases. The OSV and vendor advisories corroborate the issue and describe the fix as a code correction in the bwmon removal p...

CVE-2024-26909

CVE-2024-26909 concerns the Linux kernel. A DRM bridge use-after-free in the qcom pmic_glink_altmode path could occur if the dp-hpd bridge is registered before resources are fully acquired, leading to a freed bridge being referenced during display init (possibly causing NULL dereference or attach...

PT-2025-26122 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A refcount leak issue has been identified in the Linux kernel, specifically in the soc: qcom: ocmem component. The of parse phandle function returns a node pointer with an incremented...

CVE-2023-22996

In the Linux kernel before 5.17.2, drivers/soc/qcom/qcomaoss.c does not release an offinddevicebynode reference after use, e.g., with putdevice...

CVE-2022-40540

A flaw was found in the Linux kernel. Memory corruption occurs to the buffer copy without checking the input size while loading firmware in qcommdtreadmetadata in drivers/soc/qcom/mdtloader.c...

CVE-2023-22996

CVE-2023-22996 affects the Linux kernel prior to 5.17.2. In drivers/soc/qcom/qcom_aoss.c, an of_find_device_by_node reference is not released after use (e.g., via put_device), which can lead to a lingering reference. The practical impact and exploitability are not described in the provided docume...