Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: wwan: t7xx: Fixed the FSM command timeout issue When the driver processes the internal state change command, it uses an asynchronous thread to handle the command operation. If the main thread detects that the task has tim...

PT-2026-43861

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the command file write handler where it allocates a kernel buffer based on a user-provided count but fails to validate this buffer against the dot command protocol before...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: ucsiacpi: The command completion timeout has been increased. The commit 130a96d698d7 “usb: typec: ucsi: acpi: Increase command completion timeout value” increased the timeout from 5 seconds to 60 seconds due to issues relate...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ar5523: Fixed a use-after-free in ar5523cmd when it timed out. Syzkaller reported a use-after-free with the stack trace as follows 1: 38.960489 C3 ================================================================== 38.963216...

[SECURITY] Fedora 44 Update: sudo-1.9.17-8.p2.fc44

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVE-2022-50833

CVE-2022-50833 relates to the Linux kernel Bluetooth HCI work queue handling. The issue arose when scheduling hdev->{cmd,ncmd}_timer work on the hdev->workqueue during a draining WQ, which could conflict with a destruction-during-queue state. The mitigation involves using the hdev->workq...

EUVD-2022-55773

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

CVE-2022-50716

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

UBUNTU-CVE-2022-50716

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

CVE-2022-50716

In the Linux kernel, CVE-2022-50716 relates to wifi/ar5523: a use-after-free in ar5523_cmd() when a timed-out command could lead to touching freed memory during probe. The patch fixes this by canceling in-flight tx commands when a USB urb timed out, preventing ar5523_cmd_tx_cb() from accessing a ...

CVE-2022-50716 wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from command timeout followed by post-release reuse, and could lead to arbitrary code execution...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Remove WARNON for device endpoint command timeouts This commit addresses a rarely observed endpoint command timeout that causes kernel panic when “paniconwarn” is enabled, and unnecessary call trace prints when...

EUVD-2020-24922

Malware in sbrugna...

EUVD-2024-54861

Malicious code in bioql PyPI...

EUVD-2021-9446

Malicious code in bioql PyPI...

EUVD-2023-59808

Malicious code in bioql PyPI...

EUVD-2025-29185

Malicious code in bioql PyPI...

SUSE CVE-2023-53168

In the Linux kernel, the following vulnerability has been resolved: usb: ucsiacpi: Increase the command completion timeout Commit 130a96d698d7 "usb: typec: ucsi: acpi: Increase command completion timeout value" increased the timeout from 5 seconds to 60 seconds due to issues related to alternate...

UBUNTU-CVE-2023-53387

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...