319 matches found
CVE-2026-46069
A flaw was found in the Linux kernel's mwifiex Wi-Fi driver. The mwifiexadaptercleanup function incorrectly uses a non-synchronous timer deletion, allowing the wakeuptimer callback to access memory after it has been freed. This use-after-free vulnerability can lead to system instability, crashes,...
CVE-2026-46069
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiexadaptercleanup The mwifiexadaptercleanup function uses timerdelete non-synchronous for the wakeuptimer before the adapter structure is freed. This is incorrect because timerdelete does...
CVE-2026-46015
In the Linux kernel, the following vulnerability has been resolved: tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same SOREUSEPORT group, the target listener gets a new accept-queue entry...
UBUNTU-CVE-2026-46015
In the Linux kernel, the following vulnerability has been resolved: tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same SOREUSEPORT group, the target listener gets a new accept-queue entry...
UBUNTU-CVE-2026-46069
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiexadaptercleanup The mwifiexadaptercleanup function uses timerdelete non-synchronous for the wakeuptimer before the adapter structure is freed. This is incorrect because timerdelete does...
EUVD-2026-32451
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiexadaptercleanup The mwifiexadaptercleanup function uses timerdelete non-synchronous for the wakeuptimer before the adapter structure is freed. This is incorrect because timerdelete does...
CVE-2026-46015 tcp: call sk_data_ready() after listener migration
In the Linux kernel, the following vulnerability has been resolved: tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same SOREUSEPORT group, the target listener gets a new accept-queue entry...
PT-2026-43936
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiex adapter cleanup The mwifiex adapter cleanup function uses timer delete non-synchronous for the wakeup timer before the adapter structure is freed. This is incorrect because timer delet...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - aio: Fixed the dereferencing of a null pointer in aiocomplete’s wakeup routine. - listdelinitcareful must be the last access to the wait queue entry; this effectively unlocks access to the queue. Previously, finishwait would...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: LoongArch: Fixed warnings during S3 suspension The enablegpewakeup function calls acpienableallwakeupgpes, and this function may also call the preemptschedulecommon function. This results in a thread switch, causing the CPU to...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: “pipe: wakeup wrwait after setting maxusage” The commit c73be61cede5 “pipe: Add general notification queue support” introduced a regression that could cause pipes with resized sizes to become locked under certain conditions. See...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: virtio: using virtiodeviceready in virtiodevicerestore After waking up a suspended VM, the kernel prints the following trace for virtio drivers that do not directly call virtiodeviceready in .restore: PM: suspend exit irq 22:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: clockevents: Added missing resets to the nexteventforced flag. The mechanism used to prevent timer interrupts from being missed failed to reset the nexteventforced flag in several locations: - When the state of the clock event...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: md: fixed rcu protection in mdwakeupthread We attempted to use RCU to protect the pointer “thread”, but passed the value directly when calling mdwakeupthread. This means that the RCU pointer was acquired before rcureadlock was...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: acpi: Fixed suspend with Xen PV The commit f1e525009493 "x86/boot: Skipping realmode init code when running as Xen PV guest" missed one code path that accessed the realmodeheader, leading to a NULL dereference during system...
EUVD-2026-28743
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in sndpcmdrain In the drain loop, the local variable 'runtime' is reassigned to a linked stream's runtime runtime = s-runtime at line 2157. After releasing the stream lock at...
CVE-2026-43437 ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain()
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in sndpcmdrain In the drain loop, the local variable 'runtime' is reassigned to a linked stream's runtime runtime = s-runtime at line 2157. After releasing the stream lock at...
PT-2026-39098
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ALSA pcm component within the snd pcm drain function. In the drain loop, the runtime variable is reassigned to a linked stream's runtime. After the...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fixed an issue where IO operations could hang due to a race condition involving the sbitmap wakeup mechanism. In blkmqmarktagwait, addwaitqueue might be re-ordered. In the case of a failure in obtaining the driver tag,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Fix race condition in TTY wakeup A race condition occurs when gsstartio calls either gsstartrx or gsstarttx, as those functions briefly drop the portlock for usbepqueue. This allows gsclose and...