146 matches found
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Fix for iiochanspec for sensors without event detection. The stlsm6dsxaccchannels array within struct iiochanspec contains a eventspec field that is not NULL, indicating that the sensor supports IIO events...
SUSE CVE-2026-46069
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiexadaptercleanup The mwifiexadaptercleanup function uses timerdelete non-synchronous for the wakeuptimer before the adapter structure is freed. This is incorrect because timerdelete does...
CVE-2026-46069
CVE-2026-46069 affects the Linux kernel mwifiex driver (wifi) where mwifiex_adapter_cleanup() used timer_delete() on wakeup_timer before freeing the adapter, risking a use-after-free if wakeup_timer_fn is running. The issue is resolved by replacing timer_delete() with timer_delete_sync() to ensur...
CVE-2026-46069
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiexadaptercleanup The mwifiexadaptercleanup function uses timerdelete non-synchronous for the wakeuptimer before the adapter structure is freed. This is incorrect because timerdelete does...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Input: iforce – wait to complete the command after clearing the IFORCEXMITRUNNING flag. syzbot reports a hung task at inputunregisterdevice, with iforceclose waiting in waiteventinterruptible, while dev-mutex is held. This is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fscache: Use waitonbit to wait for the relinquished volume to be freed. The freeing of the relinquished volume will wake up the pending volume acquisition by using wakeupbit. However, this approach conflicts with waitvarevent,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: misc: lis3lv02di2c: Fixed the issue where regulators were disabled twice during suspension/resumption. When lis3lv02di2csuspend is not configured for wakeup, it will call lis3lv02dpoweroff, even if the device has already been...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Unused nvmelswaitq wait queue has been removed. A system crash occurs when qla2x00startspsp returns an error code EGAIN, and the wakeup function is called for an uninitialized wait queue sp-nvmelswaitq. - qla2xx...
SUSE CVE-2026-31733
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...
CVE-2026-31733 sched_ext: Fix stale direct dispatch state in ddsp_dsq_id
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...
PT-2026-36368
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sched ext component where the ddsp dsq id state can remain set non-SCX DSQ INVALID, leading to a spurious warning in the mark direct dispatch function. This occurs...
Anthropic’s Mythos Will Force a Cybersecurity Reckoning—Just Not the One You Think
The new AI model is being heralded—and feared—as a hacker’s superweapon. Experts say its arrival is a wake-up call for developers who have long made security an afterthought...
EUVD-2026-15253
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix invalid wait context in ctxschedin Lockdep found a bug in the event scheduling when a pinned event was failed and wakes up the threads in the ring buffer like below. It seems it should not grab a wait-queue lock...
CVE-2026-23311 perf/core: Fix invalid wait context in ctx_sched_in()
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix invalid wait context in ctxschedin Lockdep found a bug in the event scheduling when a pinned event was failed and wakes up the threads in the ring buffer like below. It seems it should not grab a wait-queue lock...
PT-2026-22920
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a use-after-free issue in the f2fs write end io function. This issue occurs due to a race condition where memory associated with the superblock sbi is freed whi...
kernel security update
4.18.0-553.107.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
AMD多款产品 安全漏洞
Both the AMD Ryzen and AMD EPYC are products of American semiconductor company AMD. The AMD Ryzen is a central processing unit CPU. The AMD EPYC is a high-performance server processor. Several AMD products have security vulnerabilities. These vulnerabilities stem from improper input validation,...
SUSE CVE-2025-71198
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...
CVE-2026-23110
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running command completes o...
UBUNTU-CVE-2025-71198
In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...