103 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Avoid unregistering devlink regions that were never registered. Russell King reported that a system with mv88e6xxx dereferenced a NULL pointer when unbinding this driver:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reported that on version ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since the commit a3c53be55c95 “net: dsa: mv88e6xxx: Support multiple MDIO buses“”, the function mv88e6xxxdefaultmdiobus has checked that the return value of listfirstentry is...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Do not use devres for mdiobus As explained in the commits: 74b6d7d13307 “net: dsa: realtek: Register the MDIO bus under devres” 5135e96a3dd2 “net: dsa: Do not allocate the slavemiibus using devres” The...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix for out-of-bound access issues. If a ATU violation was caused by a CPU Load operation, the SPID could be larger than DSAMAXPORTS the size of the mv88e6xxxchip.ports array...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, for the dsa module, in the mv88e6xxx code path, there was a issue with the refcount leak in the mv88e6xxxmdiosregister function. The ofgetchildbyname function returns a node pointer whose refcount is...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005510)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005510 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix out-of-bound access If an ATU violation was caused by a CPU Load...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37865)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37865 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37787)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37787 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991191)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991191 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxxmdiosregister ofgetchildbyname returns a node...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-44988)
net: dsa: mv88e6xxx: vulnerability caused an out-of-bound access in the mv88e6xxx driver due to an ATU violation causing the SPID to exceed DSAMAXPORTS, which was resolved by ensuring the SPID stays within the valid range. This plugin only works with Tenable.ot. Please visit...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990559)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990559 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxxmdiosregister ofgetchildbyname returns a node...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990624)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990624 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 net: dsa: mv88e6xxx:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989102)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989102 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990272)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990272 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 net: dsa: mv88e6xxx:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989967)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989967 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 net: dsa: mv88e6xxx:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989764)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989764 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxxmdiosregister ofgetchildbyname returns a node...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987547)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987547 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987560)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987560 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxxmdiosregister ofgetchildbyname returns a node...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986542)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986542 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 net: dsa: mv88e6xxx:...