Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989182 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: taskmmu.c: don't read mapcount for migration entry The syzbot reported the below BUG:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989864)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989864 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989486 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section Current imc-pmu code triggers a WARNIN...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988815)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988815 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the string machinery...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989629)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989629 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Add missing ofnodeput in iommuinitearlydart The devicenode pointer is returned by...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: comedi: Fixed the use of uninitialized data in insnrwemulatebits. For Comedi INSNREAD and INSNWRITE instructions on “digital” subdevices subdevice types COMEDISUBDDI, COMEDISUBDDO, and COMEDISUBDDIO, it is common for the subdevic...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fix to avoid panic in f2fsevict inode As syzbot 1 reported as follows: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- End trace:...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fixed the programming of HCIUTRLNEXUSTYPE. On the Google gs101, the number of UTP transfer request slots is 32. In this case, the driver incorrectly programs UTRLNEXUSTYPE as 0. This occurs because the left sid...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix use-after-free in l2capconndel When l2caprecvframe is invoked to receive data, and the cid is L2CAPCIDA2MP, if the channel does not exist, it will create a channel. However, after a channel is created, the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking if chanlistlen is zero, which could lead to a divide by zero error...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing BOs to be evicted in the same VM, potentially leading to null pointer dereferencing...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to properly set the release hook when device registration fails in ppsregistercdev, which could result...

Siemens SIMATIC Devices Double Free (CVE-2024-36940)

In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrlenable The pctldev struct is allocated in devmpinctrlregisterandinit. It's a devm managed pointer that is freed by devmpinctrldevrelease, so freeing it in pinctrlenable will lead to ...

Linux Distros Unpatched Vulnerability : CVE-2023-53712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as...

Siemens SIMATIC Devices Out-of-bounds Read (CVE-2021-38202)

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service out-of-bounds read in strlen by sending NFS traffic when the trace event framework is being used for nfsd. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC Devices Improper Validation of Specified Type of Input (CVE-2024-35900)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is toggled, hooks are disabled in the commit phase by iterating over current chains in table existing and new. The following configuration allows...

Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-36008)

In the Linux kernel, the following vulnerability has been resolved: ipv4: check for NULL idev in iprouteusehint syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree. It appears the bug exists in latest trees. This plugin only works with Tenable.ot. Please visit...

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2024-42283)

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthopgrp contains two reserved fields that are not initialized by nlaputnhgroup, and carry garbage. This can be observed e.g. with strace edited for clarity: ip...

EUVD-2022-54472

In the Linux kernel, the following vulnerability has been resolved: sock: redo the psock vs ULP protection check Commit 8a59f9d1e3d4 "sock: Introduce sk-skprot-psockupdateskprot" has moved the inetcskhasulpsk check from skpsockinit to the new tcpbpfupdateproto function. I'm guessing that this was...