Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the tpm subsystem, the issue of locking the TPM chip before calling tpmpmsuspend needs to be addressed. Setting TPMCHIPFLAGSUSPENDED at the end of tpmpmsuspend can be done more efficiently, as this provides a window during whi...

EUVD-2026-28581

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: pmc: Fix unsafe generichandleirq call Currently, when resuming from system suspend on Tegra platforms, the following warning is observed: WARNING: CPU: 0 PID: 14459 at kernel/irq/irqdesc.c:666 Call trace:...

CVE-2026-43415 scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed after ufshcdvopssuspendhba, pmop, POSTCHANGE. This creates a race...

CVE-2026-31540

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Check setdefaultsubmission before deferencing When the i915 driver firmware binaries are not present, the setdefaultsubmission pointer is not set. This pointer is dereferenced during suspend anyways. Add a check to...

SUSE CVE-2023-53723

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdmav40ip is shared on a few asics, but in sdmav40hwfini, driver unconditionally disables eccirq which is only enabled on those asics enabling sdma ecc. Th...

CVE-2023-53723 drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend sdmav40ip is shared on a few asics, but in sdmav40hwfini, driver unconditionally disables eccirq which is only enabled on those asics enabling sdma ecc. Th...

SUSE CVE-2023-53628

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop gfxv110cpeccerrorirqfuncs The gfx.cpeccerrorirq is retired in gfx11. In gfxv110hwfini still use amdgpuirqput to disable this interrupt, which caused the call trace in this function. 102.873958 Call Trace:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986748)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986748 advisory. In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionall...

CVE-2023-53471

The CVE-2023-53471 issue affects the Linux kernel’s DRM AMDGPU driver (gfx9). The root cause is that gfx9 cp_ecc_error_irq was enabled only when legacy gfx ras is asserted, but gfx_v9_0_hw_fini may disable cp_ecc_error_irq outside that condition, leading to an amdgpu_irq_put calltrace. Affected p...

SUSE CVE-2023-53193

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpuirqput call trace in gmcv100hwfini The gmc.eccirq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the interrupt. So, it is meaningless to use the amdgpuirqput...

UBUNTU-CVE-2025-39722

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP, which also reserves access to...

kernel: usb: dwc3: fix fault at system suspend if device was already runtime suspended

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: fix fault at system suspend if device was already runtime suspended If the device was already runtime suspended then during system suspend we cannot access the device registers else it will crash. Also we cannot access...

CVE-2023-52994 acpi: Fix suspend with Xen PV

In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 "x86/boot: Skip realmode init code when running as Xen PV guest" missed one code path accessing realmodeheader, leading to dereferencing NULL when suspending the system under Xen:...

kernel: spi: Fix null dereference on suspend

In the Linux kernel, the following vulnerability has been resolved: spi: Fix null dereference on suspend A race condition exists where a synchronous noqueue transfer can be active during a system suspend. This can cause a null pointer dereference exception to occur when the system resumes. Exampl...

SUSE CVE-2024-50238

In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usbc: fix NULL-deref on runtime suspend Commit 413db06c05e7 "phy: qcom-qmp-usb: clean up probe initialisation" removed most users of the platform device driver data from the qcom-qmp-usb driver, but mistakenly also...

CVE-2024-50240

In the Linux kernel, the following vulnerability has been resolved: phy: qcom: qmp-usb: fix NULL-deref on runtime suspend Commit 413db06c05e7 "phy: qcom-qmp-usb: clean up probe initialisation" removed most users of the platform device driver data, but mistakenly also removed the initialisation...

DEBIAN-CVE-2024-46820

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: remove irq disabling in vcn 5 suspend We do not directly enable/disable VCN IRQ in vcn 5.0.0. And we do not handle the IRQ state as well. So the calls to disable IRQ and set state are removed. This effectively get...

UBUNTU-CVE-2024-46798

In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: Fix UAF for sndsocpcmruntime object When using kernel with the following extra config, - CONFIGKASAN=y - CONFIGKASANGENERIC=y - CONFIGKASANINLINE=y - CONFIGKASANVMALLOC=y - CONFIGFRAMEWARN=4096 kernel detects that...

AZL-67493 CVE-2024-27056 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated ...

UBUNTU-CVE-2024-26758

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecovery, which might cause syncthread can't be unregistered. After commit...