99 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fbcon: Set fbdisplayi-mode to NULL when the mode is released. Recently, we discovered the following issue through syzkaller: BUG: KASAN: Slab-use-after-free in fbmodeisequal+0x285/0x2f0 A read of size 4 at address ff11000001b3c69...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k – fixed a memory leak in ath12kqmidrivereventwork. Currently, the buffer pointed to by event is not freed when the ATH12KFLAGUNREGISTERING bit is set. This causes a memory leak. A goto statement should be added inste...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel outstanding rescan work when unregistering. It is possible to trigger a use-after-free situation here by: a forcing rescanworkfunc to take a long time, and b using a pwrctrl driver that may be unloaded for som...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ACPI: processoridle: A memory leak was fixed in acpiprocessorpowerexit. After the CPU idle device was unregistered, the memory associated with it wasn’t freed, resulting in a memory leak: unreferenced object 0xffff896282f6c000 si...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fixed a use-after-free case in tcpmregistersourcecaps. There might be a potential use-after-free case in tcpmregistersourcecaps. This could occur when: - New say, invalid source caps are advertised. - Existing...
EUVD-2026-27793
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
CVE-2026-43234
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
CVE-2026-43234
CVE-2026-43234 concerns the Linux kernel team driver. The issue arises when unregistering a slave from a team interface while a NETDEV_CHANGEMTU event is pending, potentially causing a deadlock/resource exhaustion and system unresponsiveness as shown by reproduction steps involving creating a tea...
CVE-2026-43234 team: avoid NETDEV_CHANGEMTU event when unregistering slave
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
CVE-2026-43234
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
PT-2026-37574
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the team driver where a NETDEV CHANGEMTU event is triggered during the unregistration of a slave. This can lead to a situation where the system waits for a network...
CVE-2026-43027
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...
CVE-2026-31532
A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010894)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010894 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010868)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010868 advisory. In the Linux kernel, the following vulnerability has been resolved: vme: Fix error not catched in fakeinit In fakeinit, rootdeviceregister is possible to fail but it...
UBUNTU-CVE-2026-23392
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flowtable after rcu grace period on error Call synchronizercu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...
CVE-2026-23392
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flowtable after rcu grace period on error Call synchronizercu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...
PT-2026-27757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a flowtable is not properly released after an error, potentially leading to a use-after-free condition. This can occur when unregistering hooks...
UBUNTU-CVE-2023-54274
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'madagent' pointer When unregistering MAD agent, srpt module has a non-null check for 'madagent' pointer before invoking ibunregistermadagent. This check can pass if 'madagent' variable holds an...
DEBIAN-CVE-2023-53799
In the Linux kernel, the following vulnerability has been resolved: crypto: api - Use work queue in cryptodestroyinstance The function cryptodropspawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the...