Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb:vhci-hcd: Do not drop references before new references are gained. In several places, the driver maintains stale pointers to references that can still be used. Ensure that this does not occur. Strictly speaking, this resolves...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002698 advisory. The vhcihcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002811)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002811 advisory. The vhcihcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successful exploitation...

MiracleLinux 9 : kernel-5.14.0-570.35.1.el9_6 (AXSA:2025-10804:61)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10804:61 advisory. kernel: bpf, testrun: Fix use-after-free issue in ethskbpkttype CVE-2025-21867 microcodectl: From CVEorg collector CVE-2024-28956 kernel: mm/hugetl...

RHEL 8 : kernel (RHSA-2025:14985)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14985 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: mcast: extend RCU...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990379)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990379 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990136)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990136 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989445 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained At a few places the driver...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file descriptor while its device was being used by iotcl on another thread...

AlmaLinux 10 : kernel (ALSA-2025:14009)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14009 advisory. kernel: bpf, testrun: Fix use-after-free issue in ethskbpkttype CVE-2025-21867 kernel: net: fix udp gso skbsegment after pull from fraglist CVE-2025-381...

Bluetooth: vhci: Prevent use-after-free by removing debugfs files early

...

SUSE CVE-2025-39861

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

CVE-2025-39861

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

DEBIAN-CVE-2025-39861

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

AZL-67572 CVE-2025-39861 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

UBUNTU-CVE-2025-39861

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

CVE-2025-39861

CVE-2025-39861 (Linux kernel) : A Bluetooth vulnerability in vhci can cause use-after-free when accessing debugfs files. The fix moves debugfs file creation into a dedicated function and ensures all debugfs files (e.g., force_suspend, force_wakeup) are removed during vhci_release() before freeing...

CVE-2025-39861 Bluetooth: vhci: Prevent use-after-free by removing debugfs files early

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

CLSA-2025-1757961864 kernel: Fix of 32 CVEs

inet: fully convert sk-skrxdst to RCU rules CVE-2021-47103 - ALSA: usb-audio: Fix out of bounds reads when finding clock sources CVE-2024-53150 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - can: peakusb: fix use after free bugs CVE-2021-47670 -...

CLSA-2025-1757961506 kernel: Fix of 26 CVEs

posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - xfrm: state: fix out-of-bounds read during lookup CVE-2024-57982 - nfsd: fix race between laundromat and freestateid CVE-2024-50106 - nfsd: split scstatus out of sctype CVE-2024-50106 - nfsd: avoid race...