182 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: Avoid calling WARN when unbinding an event channel. When unbinding a user event channel, the related handler might be called a last time, especially if the kernel was built with CONFIGDEBUGSHIRQ. This could result in ...
SUSE CVE-2026-43459
In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...
CVE-2026-43459
CVE-2026-43459 concerns the Linux kernel ASoC subsystem: when unbinding a sound card while a PCM stream is active, a use-after-free can occur due to teardown ordering. The fix adds a flush in soc_cleanup_card_resources() after snd_card_disconnect_sync() and before soc_remove_dais()/soc_remove_lin...
CVE-2026-43324
In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix interrupt synchronization error This fixes an error in synchronization in the dummy-hcd driver. The error has a somewhat involved history. The synchronization mechanism was introduced by commit 7dbd8f4cabd9...
Linux Distros Unpatched Vulnerability : CVE-2026-43459
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in...
Linux Distros Unpatched Vulnerability : CVE-2026-43181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO controller, the exported...
CVE-2026-43138
A flaw was found in the Linux kernel. A local user could exploit a vulnerability in the GPIO General Purpose Input/Output reset controller by unbinding a dynamically created device through the sysfs a virtual filesystem providing an interface to kernel data structures interface. This improper...
EUVD-2026-27700
In the Linux kernel, the following vulnerability has been resolved: reset: gpio: suppress bind attributes in sysfs This is a special device that's created dynamically and is supposed to stay in memory forever. We also currently don't have a devlink between it and the actual reset consumer. Suppre...
CVE-2026-31723
A flaw was found in the Linux kernel's usb: gadget: fsubset component. This vulnerability arises from an issue in how network device resources are managed during the unbinding of a USB gadget function. When the parent device is destroyed, the associated network device may persist, creating...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing during the unbinding process, potentially leading to kernel crashes...
SUSE CVE-2026-31650
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix use-after-free on disconnect The vub300 driver maintains an explicit reference count for the controller and its driver data and the last reference can in theory be dropped after the driver has been unbound. This...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013525)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013525 advisory. In the Linux kernel, the following vulnerability has been resolved: vdpa: fix use-after-free on vpvdparemove When vpvdpa driver is unbind, vpvdpa is freed in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006954)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006954 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from bandwidth list when freeing the device Endpoints are normally...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from failing to handle the unbinding of slave devices from the VRF context. This vulnerability may lead to...
Linux Kernel Security Vulnerabilities
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the issue of not releasing device references when binding and unbinding devices. This vulnerabili...
CVE-2025-71145
In the Linux kernel, the following vulnerability has been resolved: usb: phy: isp1301: fix non-OF device reference imbalance A recent change fixing a device reference leak in a UDC driver introduced a potential use-after-free in the non-OF case as the isp1301getclient helper only increases the...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27067)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27067 advisory. - In the Linux kernel, the following vulnerability has been resolved: xen/evtchn: avoid WARN when...
SUSE CVE-2025-68804
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...
CVE-2025-68804
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...
CVE-2025-68804
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecishtp: Fix UAF after unbinding driver After unbinding the driver, another kthread crosecconsolelogwork is still accessing the device, resulting an UAF and crash. The driver doesn't unregister the EC device ...