Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel before version 6.5.9, there is a NULL pointer dereferencing in the sendacknowledge function in net/nfc/nci/spi.c...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: sn-f-ospi: Fix for division by zero When there is no dummy cycle in the spi-nor commands, both the dummy bus cycle bytes and the width are zero. Due to the CPU’s warning when dividing by zero, this situation should be avoide...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: cs42l43 – The property entry should be a null-terminated array. The software node does not specify a count of property entries; therefore, the array must be null-terminated. When the termination is not done, this can lead to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: mchp-pci1xxx: Fixed a possible null pointer derefrence in pci1xxxspiprobe. In the function pci1xxxxspiprobe, there is a potential null pointer that may be caused by a failed memory allocation performed by the function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341transferone Discovered by Atuin – Automated Vulnerability Discovery Engine. The len variable is calculated as min32, trans-len + 1, which includes the 1-byte command header. Whe...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: Fixed out-of-bounds access when there are more than 4 slaves. The commit 571e31fa60b3 “spi: bcm2835: Fixed cache the CS register value for -preparemessage” limited the number of slaves to 3 at compile-time. This...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: spi: tegra20-slink: fix UAF in tegraslinkremove After calling spiunregistermaster, the refcount of the master will decrease to 0, and it will be freed in spicontrollerrelease. The device data will also be freed, which can lead to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: uniphier: fix reference count leak in uniphierspiprobe The issue occurs in several error paths within uniphierspiprobe. When either dmagetslavecaps or devmspiregistermaster returns an error code, the function forgets to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Added verification for the maxfrequency value provided by the firmware. If the value of maxspeedhz is 0, it may cause a division by zero error in hisicalceffectivespeed. The value of maxspeedhz is provided by t...

CVE-2026-47210 vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, a sandbox escape vulnerability in vm2 allows arbitrary code execution in the host process when untrusted code is executed with async support on runtimes exposing WebAssembly JSPI WebAssembly.promising / WebAssembly.Suspending...

CVE-2026-9266

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

CVE-2026-46326

A flaw was found in the Linux kernel, specifically within the iio: pressure: mprls0025pa driver. This vulnerability is due to improper initialization of the spitransfer structure, which is not consistently zeroed out before use. This could allow an attacker to potentially read sensitive informati...

CVE-2026-46326

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

CVE-2026-46326

CVE-2026-46326 affects the Linux kernel driver iio: pressure: mprls0025pa. The root cause is improper initialization of the spi_transfer structure, with the patch ensuring the spi_transfer struct is zeroed out before use. The impact is high (local access with potential to read uninitialized memor...

SUSE CVE-2026-46296

In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe back to s3c64xxspipreparetransfer failed to remove the corresponding deallocation from remove. Drop the bogus DMA channel release fro...

SUSE CVE-2026-46301

In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind...

CVE-2026-46296

A flaw was found in the Linux kernel's s3c64xx Serial Peripheral Interface SPI driver. An issue with incorrect DMA Direct Memory Access channel deallocation during driver unbind could lead to a NULL-pointer dereference. This vulnerability can cause a system crash, resulting in a denial of service...

CVE-2026-46301

A flaw was found in the Linux kernel's spi-topcliff-pch driver. This vulnerability, a use-after-free error, occurs when the driver attempts to release Direct Memory Access DMA buffers during an unbind operation without properly flushing its queue. An attacker could potentially exploit this memory...

CVE-2026-46301

In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind...

CVE-2026-46296

In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe back to s3c64xxspipreparetransfer failed to remove the corresponding deallocation from remove. Drop the bogus DMA channel release fro...