469 matches found
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-113 (ALASKERNEL-5.10-2026-113)
The version of kernel installed on the remote host is prior to 5.10.248-247.988. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-113 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the...
CLSA-2026-1770032032 kernel: Fix of 63 CVEs
mm/memory-failure: fix VMBUGONPAGEPagePoisonedpage when unpoison memory CVE-2025-39883 - comedi: aioiiro16: Fix bit shift out of bounds CVE-2025-38529 - comedi: das6402: Fix bit shift out of bounds CVE-2025-38482 - comedi: pcl812: Fix bit shift out of bounds CVE-2025-38530 - comedi: das16m1: Fix...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl726 – Prevent invalid IRQ numbers. The reproducer passed in an IRQ number 0x80008000, which was too large, triggering the OOB Out-of-Bounds error. A check for the IRQ number was added to prevent users from entering an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The COMEDIINSNLIST ioctl function allocates a kernel buffer to hold the array of struct comediinsn. The size of this array is determined from the ninsns member of the struc...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & board-irqbits However, it-optionsi is an unchecked int value from userspace, so the shift amount...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: Fixed the use of uninitialized data in insnrwemulatebits. For Comedi INSNREAD and INSNWRITE instructions on “digital” subdevices subdevice types COMEDISUBDDI, COMEDISUBDDO, and COMEDISUBDDIO, it is common for the subdevic...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: aioiiro16: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & 0xdcfc However, it-optionsi is an unchecked int value from the user space, so the shift amount...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Comedi: Fixed the initialization of data for instructions that write to sub-devices. It is known that some Comedi sub-device instruction handlers access data elements beyond the first insn-n elements in some cases. The doinsnioct...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: The issue related to comedi: a race between polling and detaching the device has been fixed. The syzbot report indicates a use-after-free in the comedi module. This occurs because comedi happily removes the allocated async area,...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: Make insnrwemulatebits handle insn-n samples. The insnrwemulatebits function is used as a default handler for INSNREAD instructions for sub-devices that have a handler for INSNBITS but not for INSNREAD. Similarly, it is...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: comedi: The issue of using uninitialized memory in doinsnioctl and doinsnlistioctl has been fixed. syzbot reports a KMSAN kernel-infosek in doinsnioctl. A kernel buffer is allocated to hold insn-n samples each of which is an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: / Only IRQs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid / if 1 options1 & 0xdcfc However, it-optionsi is an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c / IRQs 2, 3, 5, 6, 7, 10, 11, 15 are valid for “enhanced” mode / if 1 options1 & 0x8cec However, it-optionsi is ...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27001)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27001 advisory. - In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete...
SUSE CVE-2025-68332
In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fix invalid PNP driver unregistration The Comedi low-level driver "c6xdigio" seems to be for a parallel port connected device. When the Comedi core calls the driver's Comedi "attach" handler c6xdigioattach to...
SUSE CVE-2025-68335
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818aicancel Syzbot identified an issue 1 in pcl818aicancel, which stems from the fact that in case of early device detach via pcl818detach, subdevice dev-readsubdev may not have initialize...
UBUNTU-CVE-2025-68332
In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fix invalid PNP driver unregistration The Comedi low-level driver "c6xdigio" seems to be for a parallel port connected device. When the Comedi core calls the driver's Comedi "attach" handler c6xdigioattach to...
CVE-2025-68332
In the Linux kernel, the following vulnerability has been resolved: comedi: c6xdigio: Fix invalid PNP driver unregistration The Comedi low-level driver "c6xdigio" seems to be for a parallel port connected device. When the Comedi core calls the driver's Comedi "attach" handler c6xdigioattach to...
UBUNTU-CVE-2025-68335
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818aicancel Syzbot identified an issue 1 in pcl818aicancel, which stems from the fact that in case of early device detach via pcl818detach, subdevice dev-readsubdev may not have initialize...
CVE-2025-68335
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl818: fix null-ptr-deref in pcl818aicancel Syzbot identified an issue 1 in pcl818aicancel, which stems from the fact that in case of early device detach via pcl818detach, subdevice dev-readsubdev may not have initialize...