CVE-2026-46310

In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1drmcleanup where it should be calling...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the media renesas vsp1 module’s ability to unreference empty pointers after unloading it. This could le...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ath12k driver’s ability to enable WoW unloading for both the primary and auxiliary links duri...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: core: The /proc/scsi/$procname directory was removed earlier. Removing this directory helps to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit 77c019768f06...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: alloctag: The ability to dynamically allocate percpu counters for module tags. When a module is unloaded, it checks whether any of its tags are still in use. If so, it keeps the memory containing the module’s allocation tags aliv...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: For the hda codecs, do not unset the preset when cleaning up the codec. Several functions involved in the initialization and removal of codecs are reused by ASoC codec driver implementations. These drivers mimic the behavio...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: EDAC/skxcommon: Fixed the general protection fault. After loading i10nmedac which automatically loads skxedaccommon, if only i10nmedac is unloaded, then reloading it and performing error injection testing may cause a general...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ptp: Unregistering virtual clocks when unregistering a physical clock. When unregistering a physical clock that contains virtual clocks, the virtual clocks must also be unregistered. This fix resolves the following errors that...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Netfilter: ipset – It is necessary to hold the module reference while requesting a module. The user space may unload the ipset.ko module while it is itself requesting a set-type backend module, resulting in a kernel crash. This...

grub2: Missing unregister call for gettext command may lead to use-after-free

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the applicati...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between module unloading and structural scanning, potentially leading to system...

Linux Distros Unpatched Vulnerability : CVE-2025-71235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08:...

CVE-2026-24794 Chunk Unloading Security Vulnerability in CardboardPowered/cardboard

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in CardboardPowered cardboard src/main/java/org/cardboardpowered/impl/world modules. This vulnerability is associated with program files WorldImpl.Java. This issue affects cardboard: before 1.21.4...

CVE-2026-24794 Chunk Unloading Security Vulnerability in CardboardPowered/cardboard

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in CardboardPowered cardboard src/main/java/org/cardboardpowered/impl/world modules. This vulnerability is associated with program files WorldImpl.Java. This issue affects cardboard: before 1.21.4...

CVE-2026-24794

CVE-2026-24794 affects CardboardPowered/cardboard, specifically the WorldImpl.Java components. It is described as Improper Restriction of Operations within the Bounds of a Memory Buffer and is noted to affect cardboard versions before 1.21.4. The CVSS metrics indicate a CRITICAL base score of 9.2...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003845)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003845 advisory. gssmechfree in net/sunrpc/authgss/gssmechswitch.c in the rpcsecgsskrb5 implementation in the Linux kernel through 5.6.10 lacks certain domainrelease calls, leading t...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004272 advisory. gssmechfree in net/sunrpc/authgss/gssmechswitch.c in the rpcsecgsskrb5 implementation in the Linux kernel through 5.6.10 lacks certain domainrelease calls, leading t...

SUSE CVE-2025-68617

FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...

CVE-2023-54047

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: dwhdmi: cleanup drm encoder during unbind This fixes a use-after-free crash during rmmod. The DRM encoder is embedded inside the larger rockchiphdmi, which is allocated with the component. The component memory gets...

CVE-2022-50704 USB: gadget: Fix use-after-free during usb config switch

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the -pullup callback, or the hardware encounters a low probability fault...