Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Use a static NDP16 location within the URB. The original code allowed the start of NDP16 to be anywhere within the URB, based on the wNdpIndex value in NTH16. Only the start position of NDP16 was checked, which ma...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fixed a use-after-free when USB is disconnected. After the powerzdisconnect function frees the URB and releases the mutex, a subsequent powerzread call can acquire the mutex and call powerzreaddata, which dereferenc...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the header. The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostfram...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks bsc126379...

Linux Distros Unpatched Vulnerability : CVE-2026-46074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror...

Linux Distros Unpatched Vulnerability : CVE-2026-46073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the UR...

SUSE CVE-2026-46184

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

CVE-2026-46184

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

UBUNTU-CVE-2026-46184

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

CVE-2026-46184

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

EUVD-2026-32811

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

SUSE CVE-2026-46073

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...

PT-2026-44307

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A division by zero occurs in the sound driver for ua101. The USB core does not validate class-specific descriptor fields such as bNrChannels, which drivers must verify before use. If a...

CVE-2026-45992

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Fix potentially leftover ep1inurb at error path The previous fix for handling the error from setupcard missed that an internal URB cdev-ep1inurb might have been already submitted beforehand. In the normal case, this...

EUVD-2026-32288

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Fix potentially leftover ep1inurb at error path The previous fix for handling the error from setupcard missed that an internal URB cdev-ep1inurb might have been already submitted beforehand. In the normal case, this...

CVE-2026-46074

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...

CVE-2026-45992

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

UBUNTU-CVE-2026-46073

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...

UBUNTU-CVE-2026-46074

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...

CVE-2026-46073

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...