PT-2026-43941

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A memory leak and use-after-free issue exists in the spi: ch341 driver. The problem occurs during probe failures when the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fixed a use-after-free when USB is disconnected. After the powerzdisconnect function frees the URB and releases the mutex, a subsequent powerzread call can acquire the mutex and call powerzreaddata, which dereferenc...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath9k that occurs in ath9khifusbdisconnect when ath9kdestroywmi is trying to access 'drvpriv' that has already been freed by...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Buffers are returned if streaming fails to start due to a uvcpmget error. This bug may be responsible for the warning that I encountered during testing. The issue...

CVE-2026-43479

The CVE-2026-43479 entry concerns the Linux kernel’s LAN78xx USB Ethernet driver. A WARN was observed in __netif_napi_del_locked during USB device disconnect because netif_napi_del() was redundantly called in the disconnect path while NAPI was still enabled. The fix removes this redundant call si...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: GPIB – Fixed an Oops after disconnection in niusb. If the USB dongle is disconnected, subsequent calls to the driver will cause a NULL dereference Oops, as the businterface is set to NULL upon disconnection. This issue w...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: fix time stamp counter initialization If the gsusb device driver is unloaded or unbound before the interface is shut down, the USB stack first calls the struct usbdriver::disconnect, and then the struct...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Releasing resources at card release The current 6fire code attempts to release resources immediately after calling usb6firechipabort. However, at this point, the card object might still be in use since we are calling...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fixed NULL fb and crtc dereferences on USB disconnection. When the connection is disconnected, the function drmatomichelperdisableall is called, which sets both the fb and crtc for a plane to NULL before performing the...

CVE-2026-31582

A flaw was found in the Linux kernel's hwmon subsystem. A local attacker, by disconnecting a USB device, could trigger a use-after-free vulnerability in the powerz driver. This occurs when the driver attempts to access a Universal Serial Bus Request Block URB after it has been freed during the...

CVE-2026-31582

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix use-after-free on USB disconnect After powerzdisconnect frees the URB and releases the mutex, a subsequent powerzread call can acquire the mutex and call powerzreaddata, which dereferences the freed URB pointer...

CVE-2026-31582

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix use-after-free on USB disconnect After powerzdisconnect frees the URB and releases the mutex, a subsequent powerzread call can acquire the mutex and call powerzreaddata, which dereferences the freed URB pointer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013541)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013541 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011057)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011057 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath...

CVE-2026-23039 drm/gud: fix NULL fb and crtc dereferences on USB disconnect

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...

CVE-2026-23039

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...

CVE-2026-23039

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...

PT-2026-5542

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drm atomic helper disable all is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every...

Linux Distros Unpatched Vulnerability : CVE-2026-23039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect...

SUSE CVE-2022-50881

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath9k that occurs in ath9khifusbdisconnect when ath9kdestroywmi is trying to access 'drvpriv' that has already been freed by...