1497 matches found
CVE-2026-53340
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...
CVE-2026-53340
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...
EUVD-2026-40974
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: fix clock and pinctrl state inconsistency in runtime PM In i2cimxruntimesuspend, the clock is disabled before switching the pinctrl state to sleep. If pinctrlpmselectsleepstate fails, the runtime suspend is aborted but...
CVE-2026-53340
The CVE-2026-53340 entry concerns the Linux kernel I2C imx driver where a clock-disable happens before pinctrl state switch in runtime suspend, leading to a system crash if pinctrl_pm_select_sleep_state() fails. The fix swaps the order to switch the pinctrl state before disabling the clock so a p...
CVE-2026-10647
The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...
CVE-2026-10647
The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-;syncsem, KFOREVER, blocking on a completion semaphore that is only ever...
CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure
The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...
CVE-2026-10647 Deadlock denial of service in USB CDC-NCM device class on TX enqueue failure
The USB CDC-NCM device class subsys/usb/devicenext/class/usbdcdcncm.c ignores the return value of usbdepenqueue in its ethernet transmit callback cdcncmsend. When the enqueue fails, the function still calls ksemtake&data-syncsem, KFOREVER, blocking on a completion semaphore that is only ever...
CVE-2026-10647
The CVE concerns the USB CDC-NCM driver (subsys/usb/device_next/class/usbd_cdc_ncm.c) in Zephyr. The code ignores the return value of usbd_ep_enqueue() in cdc_ncm_send(); when enqueue fails, it still calls k_sem_take(&data-sync_sem, K_FOREVER), waiting on a completion that is only signaled from t...
PT-2026-53748
Name of the Vulnerable Software and Affected Versions Zephyr versions prior to 4.4.0 Description The USB CDC-NCM device class contains a flaw where the cdc ncm send function ignores the return value of usbd ep enqueue. If the enqueue operation fails—which occurs when the USB bus is suspended,...
Linux Distros Unpatched Vulnerability : CVE-2026-53201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert drm/xe: Skip exec queue schedule toggle if queue is idle during suspend This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip...
Linux Distros Unpatched Vulnerability : CVE-2026-53123
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md: wake raid456 reshape waiters before suspend During raid456 reshape, direct IO across the reshape position can sleep in raid5makerequest waiting for reshape...
Linux Distros Unpatched Vulnerability : CVE-2026-53237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpio: mvebu: fix NULL pointer dereference in suspend/resume mvebupwmsuspend and mvebupwmresume are called for all GPIO banks during suspend/resume, but not all...
Linux Distros Unpatched Vulnerability : CVE-2026-53142
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to probe display, and whether display hardware is there, using...
gpio: mvebu: fix NULL pointer dereference in suspend/resume
...
CVE-2026-53056
A flaw was found in the Linux kernel's Display Processing Unit DPU driver. During DPU runtime suspend, a mismatch can occur between the power rail voltage and the core clock frequency. This happens when the power management attempts to drop the voltage while the clock remains at its highest rate...
CVE-2026-53237
A flaw was found in the Linux kernel's Marvell EBU mvebu General Purpose Input/Output GPIO driver. During system suspend and resume operations, the mvebupwmsuspend and mvebupwmresume functions are called for all GPIO banks. However, not all banks have Pulse Width Modulation PWM functionality,...
CVE-2026-53142
A flaw was found in the Linux kernel's drm/xe/display driver. When the display is disabled via fuses, the driver can attempt to access uninitialized mode configuration during suspend or shutdown operations. This can lead to a NULL pointer dereference, resulting in a system crash and a denial of...
SUSE CVE-2026-53201
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...
CVE-2026-53237
In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix NULL pointer dereference in suspend/resume mvebupwmsuspend and mvebupwmresume are called for all GPIO banks during suspend/resume, but not all banks have PWM functionality. GPIO banks without PWM have mvchip-mvpw...