226259 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: rc: gpio-ir-recv: added/removed functions If runtime PM is enabled, perform runtime PM cleanup to remove the cpu latency QoS request. Otherwise, driver removal may result in the following kernel dump: 19.463299 Unable t...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ubifs: A memory leak was fixed in allocwbufs. kmemleak reported a series of memory leaks, as follows: - Unreferenced object 0xffff8881575f8400 size 1024: Command: “mount”, PID: 19625, Jiffies: 4297119604 Age: 20.383 seconds He...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: x86-android-tablets: Devices are unregistered in reverse order. Not all subsystems support the removal of a device when there are still consumers referencing that device. One example is the regulator subsystem. If a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Fixed call trace warnings and hangs when removing the amdgpu device. On GPUs with RAS enabled, hangs are observed during the shutdown process when checking the call trace. v2: Instead of using the shutdown flag, th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mt76: mt7915: fixed a possible NULL pointer dereferencing in mt7915macfillrxvector. Fixed a possible NULL pointer dereferencing in mt7915macfillrxvector if the chip does not support dbdc and the hardware reports bandidx set to...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check whether the returned RPORT is valid. Klocwork reported a warning that the RPORT might be NULL and would be dereferenced. The RPORT returned by the call to fcbsgtorport could be NULL and would be dereferenced...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996: Fixed nullptrderef in mt7996mmiowedinit The devmioremap function returns NULL upon error. Currently, mt7996mmiowedinit does not check for this case, resulting in a NULL pointer dereference. This issue has been...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/vas: Added a close callback in the vasvmops structure. The VMA address is saved in the VAS window structure when the paste address is mapped. This VMA address is used during migration to unmap the paste address if...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Added a sentinel to the quirks table. The current driver lacks a sentinel in the struct socdeviceattribute array, which causes a buffer overflow error when the socdevicematchmt7621pciequirksmatch function is called...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbuscore Fixed NULL pointer dereferencing. The i2cclient function is now used in pmbusisenabled, thereby removing the assumption that a regulator device is passed as an argument. This fixes the issue of NULL pointer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fixed an SError in ufshcdrtcwork during UFS suspend. In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work. However, this function is called after ufshcdvopssuspendhba, pmop, POSTCHANGE...
PT-2026-50928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel BPF reuseport program handling. When a UDP reuseport group uses a cBPF program and that program is replaced or detached via the setsocko...
ALSA-2026:27353 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-31488 kerne...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-31488 kerne...
PT-2026-50927
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The vti6 init net function fails to set the netns immutable flag on the per-netns fallback tunnel device 'ip6 vti0'. This flag is intended to prevent the device from being moved to anoth...
Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)
Question Security Bulletin: Dirty COW Vulnerability CVE-2016-5195 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"All Versions","Edition":"","Line of...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23111)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix inverted genmask check in nftmapcatchallactivate nftmapcatchallactivate has an inverted element activity check compared to its non-catchall counterpart nftmapelemactivate and compared to what is logically...
Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-71188)
In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent...
Siemens RUGGEDCOM RST2428P Permissive Regular Expression (CVE-2025-40271)
"In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...
Siemens RUGGEDCOM RST2428P Multiple Releases of Same Resource or Handle (CVE-2025-40261)
In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassocation waits for pending I/O to complete before returning, and an error can cause -ioerrwork to be queued after cancelworksync had been called. Mov...