CVE-2026-40290

A flaw was found in OP-TEE Trusted Execution Environment. A local attacker could exploit a user-after-free UAF race condition in the shared memory teardown logic when OP-TEE is configured as a Secure Partition Management Controller SPMC for Secure EL0 S-EL0 Secure Partitions. This vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2026-46183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can als...

EUVD-2026-32810

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can also be indirectly read, for the parameters on,offline committing to...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fixed a UAF issue during destruction that could lead to a race condition. Object debugging tools occasionally reported illegal attempts to free an i915 VMA object when parking a GT that was believed to be idle...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the issue where a user-after-free exception occurred when the session was logged off. There is an issue between the SMB2 session logging-off and SMB2 session setup. This caused a user-after-free exception when the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed “use-after-free” issue This involves using l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following error: Bluetooth: l2capcore.c: static void l2capchandestroystruct krefkref...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP – Fixed a potential issue after the “user-after-free” operation. This fix addresses all cases where allocating a buffer using allocskb might release the “chan lock”, and reacquiring it later could result in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: futex: It is required that sysfutexrequeue has identical flags. Nicholas reported that his LLM found it possible to create a UaF when sysfutexrequeue is used with different flags. The initial motivation for allowing different fla...

CVE-2026-31554

In the Linux kernel, the following vulnerability has been resolved: futex: Require sysfutexrequeue to have identical flags Nicholas reported that his LLM found it was possible to create a UaF when sysfutexrequeue is used with different flags. The initial motivation for allowing different flags wa...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013653 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006993)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006993 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013245)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013245 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011244)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011244 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006741 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will...

MiracleLinux 8 : tigervnc-1.13.1-2.el8_9.10.ML.1 (AXSA:2024-7730:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7730:07 advisory. xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in...

CVE-2021-0697

In PVRSRVRGXSubmitTransferKM of rgxtransfer.c, there is a possible user after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid...

CVE-2023-54214

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling allocskb which may release the chan lock and reacquire later which makes it possible that the chan is...

SUSE CVE-2023-54214

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling allocskb which may release the chan lock and reacquire later which makes it possible that the chan is...

Linux Distros Unpatched Vulnerability : CVE-2023-54214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling allocskb which may release the chan lock...

UBUNTU-CVE-2023-54214

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix potential user-after-free This fixes all instances of which requires to allocate a buffer calling allocskb which may release the chan lock and reacquire later which makes it possible that the chan is...