embedded linux

On May 28, 2026, NVD published CVE-2026-46148 for a Linux kernel fix in the Microchip coreQSPI SPI controller driver, after kernel.org reported that the controller’s built-in chip select could be asserted while Linux was communicating with another SPI device. The bug is narrow...

CVE-2026-46226 is a newly published Linux kernel vulnerability, received by NVD from kernel.org on May 28, 2026, that fixes a Freescale SPI driver unbind bug by deregistering the SPI controller before freeing lower-level resources such as DMA. The record is still awaiting NVD enrichment, so...

CVE-2026-43250 is a Linux kernel vulnerability published on May 6, 2026, affecting the ChipIdea USB Device Controller driver when a USB gadget device is disconnected and reconnected during an active multi-segment DMA transfer. The bug is not a headline-grabbing remote code execution flaw; it is...

CVE-2026-31616 is a narrowly scoped but technically important Linux kernel vulnerability in the USB gadget subsystem, where a hostile USB host can trigger a fragment-array overflow in the Phonet gadget receive path. The flaw sits in f_phonet, a legacy but still shipped kernel function used to...

A small Linux kernel bounds-check fix has become a useful case study in how modern vulnerability management treats even niche hardware paths as security-relevant. CVE-2026-31627 addresses an SMBus b-read length validation flaw in the Linux kernel’s Samsung s3c24xx I2C host driver, where the...

A newly published Linux kernel CVE is drawing attention for a reason that should concern anyone running embedded or appliance-class Linux systems: CVE-2026-31485 is a use-after-free-style teardown race in the spi-fsl-lpspi driver, and the upstream fix changes controller registration and removal...

The Linux kernel has been assigned CVE-2025-68175 for a flaw in the NXP i.MX8 ISI (Image Sensor Interface) driver that can prematurely tear down an active video stream when userland issues a harmless query — a defect fixed upstream by moving streaming preparation and cleanup into the vb2...

The Linux kernel has received a small but important corrective patch addressing CVE-2025-40262 — a memory-corruption bug in the IMX SCU key driver (imx_sc_key) that could corrupt kernel memory during module unload by passing the address of a stack variable instead of the intended pointer. The...

Across the ever-evolving landscape of embedded computing, interoperability and flexibility are reigning champions, particularly as industries pivot toward smarter automation, real-time edge processing, and scalable deployments. This transformation is vividly embodied in Tria Technologies’ latest...

Original release date: May 25, 2018 Systems Affected Small office/home office (SOHO) routers Networked devices Network-attached storage (NAS) devices Overview Cybersecurity researchers have identified that foreign cyber actors have compromised hundreds of thousands of home and office...