Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fixed the warning when removing the module When removing the module, the following warning will appear: 14.746697 removeprocentry: Removing the non-empty directory ‘irq/21’; data is being leaked at least from...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the JWT verification process. An attacker can gain unauthorized enrollment of rogue devices by submitting a forged JWT with arbitrary identity claims, as the system fails to verify th...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988800 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989651 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get th...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988985)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988985 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get th...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987521 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call...

SunPower PVS6

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, modify settings, disable the device, create SSH tunnels, and manipulate attached devices. 2. RECOMMENDED PRACTICES CISA recommends users take...

SUSE CVE-2022-49314

In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call pcireleaseregions and pcidisabledevice to recycle the resource previously allocated...

SUSE CVE-2022-49525

In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get the following warning: 14.746697 removeprocentry: removing non-empty directory 'irq/21', leaking at least 'cx258211' 14.747449 WARNING...

CVE-2022-49460

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399dmc: Disable edev on remove Otherwise we hit an unablanced enable-count when unbinding the DFI device: 1279.659119 ------------ cut here ------------ 1279.659179 WARNING: CPU: 2 PID: 5638 at...

UBUNTU-CVE-2022-49314

In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call pcireleaseregions and pcidisabledevice to recycle the resource previously allocated...

UBUNTU-CVE-2024-50093

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processorthermal driver uses pcimdeviceenable to enable a PCI device, which means the device will be automatically disabled on driver detach. Thus there is ...

DEBIAN-CVE-2022-48894

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommudeviceunregister from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

The vulnerability of the pci_disable_device function in the ixgbe component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the pcidisabledevice function in the ixgbe component of Linux operating systems is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service failures...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

OESA-2024-1102 xorg-x11-server security update

X.Org X11 X server Security Fixes: A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's...

The vulnerability of the DisableDevice function in the Wayland protocol implementation for X.Org XWayland, which is part of the X Window System X.Org Server, allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the DisableDevice function in the Wayland protocol implementation for X.Org XWayland, which is part of the X.Org Server for the X Window System, is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to cause a service failure or execute...