307 matches found
CVE-2026-53193
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...
CVE-2026-53193 ALSA: timer: Forcibly close timer instances at closing
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...
CVE-2026-53193
CVE-2026-53193 concerns the Linux kernel ALSA timer component. When a snd_timer object is freed via snd_timer_free() while there are still pending snd_timer_instance entries linked to it, slave instances may continue to point at the freed timer, creating a use-after-free condition. The vulnerabil...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fixed a UAF issue during destruction that could lead to a race condition. Object debugging tools occasionally reported illegal attempts to free an i915 VMA object when parking a GT that was believed to be idle...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed “use-after-free” issue This involves using l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following error: Bluetooth: l2capcore.c: static void l2capchandestroystruct krefkref...
CVE-2026-40290
A flaw was found in OP-TEE Trusted Execution Environment. A local attacker could exploit a user-after-free UAF race condition in the shared memory teardown logic when OP-TEE is configured as a Secure Partition Management Controller SPMC for Secure EL0 S-EL0 Secure Partitions. This vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2026-46183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can als...
EUVD-2026-32810
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can also be indirectly read, for the parameters on,offline committing to...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP – Fixed a potential issue after the “user-after-free” operation. This fix addresses all cases where allocating a buffer using allocskb might release the “chan lock”, and reacquiring the lock later could result in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: futex: It is required that sysfutexrequeue has identical flags. Nicholas reported that his LLM found it possible to create a UaF when sysfutexrequeue is used with different flags. The initial motivation for allowing different fla...
CVE-2026-31554
In the Linux kernel, the following vulnerability has been resolved: futex: Require sysfutexrequeue to have identical flags Nicholas reported that his LLM found it was possible to create a UaF when sysfutexrequeue is used with different flags. The initial motivation for allowing different flags wa...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013653)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013653 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006993)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006993 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011244)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011244 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013245)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013245 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006741)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006741 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will...
MiracleLinux 8 : tigervnc-1.13.1-2.el8_9.10.ML.1 (AXSA:2024-7730:07)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7730:07 advisory. xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in...
CVE-2021-0697
In PVRSRVRGXSubmitTransferKM of rgxtransfer.c, there is a possible user after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid...
CVE-2023-54214
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling allocskb which may release the chan lock and reacquire later which makes it possible that the chan is...
SUSE CVE-2023-54214
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling allocskb which may release the chan lock and reacquire later which makes it possible that the chan is...