CVE-2026-53066

A flaw was found in the Linux kernel's drm/sun4i backend component. This vulnerability occurs because the drmatomicgetplanestate function can return an error pointer, which is not properly checked before being dereferenced. An attacker could potentially trigger this unchecked dereference, leading...

EUVD-2026-38934

In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: backend: fix error pointer dereference The function drmatomicgetplanestate can return an error pointer and is not checked for it. Add error pointer check. Detected by Smatch: drivers/gpu/drm/sun4i/sun4ibackend.c:496...

CVE-2026-53066

In the Linux kernel, the drm/sun4i backend fixed an error pointer dereference: drm_atomic_get_plane_state() could return an error pointer and was not checked in sun4i_backend_atomic_check(), risking a dereference of plane_state. The issue is resolved by adding an error pointer check. Connected re...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: dsi: Prevent underflow when calculating packet sizes. Currently, the packet overhead is subtracted using unsigned arithmetic. With a short sync pulse, this could lead to an underflow, causing the value to wrap around t...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011318)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011318 advisory. In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011291)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011291 advisory. In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypa...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: The can: hi311x module has corrected the ndochangemtu function to prevent buffer overflows. Sending a PFPACKET allows bypassing the CAN driver’s logic and directly reaching the xmit function of the CAN driver. The only check...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993269 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: dsi: Prevent underflow when computing packet sizes Currently, the packet overhead is...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992610 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: dsi: Prevent underflow when computing packet sizes Currently, the packet overhead is...

SUSE CVE-2025-39986

In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...

CVE-2025-39986

In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...

can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow

...

EUVD-2025-34585

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...

CVE-2025-39986

In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...

UBUNTU-CVE-2025-39986

In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...

UBUNTU-CVE-2025-39987

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...

CVE-2025-39986

CVE-2025-39986 affects the Linux kernel sun4i_can CAN driver. Root cause: sun4i_can did not populate net_device_ops->ndo_change_mtu(), allowing an attacker to set an invalid MTU (e.g., 9999) via ip link and then use PF_PACKET with ETH_P_CANXL to inject frames. The PF_PACKET path only checks sk...

CVE-2025-39987 can: hi311x: populate ndo_change_mtu() to prevent buffer overflow

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACKET...

CVE-2025-39986 can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow

In the Linux kernel, the following vulnerability has been resolved: can: sun4ican: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PFPACK...

PT-2025-42261

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the sun4i can driver within the Linux kernel where a missing check in the ndo change mtu function allows an attacker to configure an invalid MTU. This can be exploited b...