Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store the vhost pointer during subcrq allocation Currently, the back pointer from a queue to the vhost adapter is not set until after the subcrq interrupt registration. This value becomes available when a queue is...

Astra Linux - уязвимость в linux

The IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors may allow a local user to obtain sensitive information from the data in the L1 cache under certain circumstances. IBM X-Force ID: 189296...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003987)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003987 advisory. IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001412)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001412 advisory. IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004440)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004440 advisory. IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990064)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990064 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup Al reported a possible...

NewStart CGSL MAIN 6.06 : gcc Vulnerability (NS-SA-2025-0227)

The remote NewStart CGSL host, running version MAIN 6.06, has gcc packages installed that are affected by a vulnerability: - The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy...

Linux Distros Unpatched Vulnerability : CVE-2019-15847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing...

Linux Distros Unpatched Vulnerability : CVE-2025-21869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports...

CVE-2023-30438

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of...

SUSE CVE-2022-49703

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue is first allocated a...

DEBIAN-CVE-2022-49703

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue is first allocated a...

AZL-47991 CVE-2024-41070 affecting package kernel for versions less than 5.15.164.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup Al reported a possible use-after-free UAF in kvmspaprtceattachiommugroup. It looks up stt from tablefd, but then continues to use it after doing fdput on the returne...

UBUNTU-CVE-2024-41070

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup Al reported a possible use-after-free UAF in kvmspaprtceattachiommugroup. It looks up stt from tablefd, but then continues to use it after doing fdput on the returne...

kernel: mm/vmemmap/devdax: fix kernel crash when probing devdax devices

A flaw was discovered in the device DAX devdax probing implementation of the Linux kernel memory management subsystem mm/vmemmap/devdax. Under specific architecture configurations for example POWER9 with hash MMU, the code path in vmemmappopulatecompoundpages did not properly account for...

SUSE CVE-2019-15847

The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...

CVE-2022-22445

An attacker that gains service access to the FSP POWER9 only or gains admin authority to a partition can compromise partition firmware...

CVE-2022-22374

The BMC IBM Power 9 AC922 OP910, OP920, OP930, and OP940 may be subject to a firmware downgrade attack which may affect its ability to operate its host. IBM X-Force ID: 221442...

CVE-2022-22374

The BMC IBM Power 9 AC922 OP910, OP920, OP930, and OP940 may be subject to a firmware downgrade attack which may affect its ability to operate its host. IBM X-Force ID: 221442...

IBM OPENBMC OP910 信息泄露漏洞

IBM OPENBMC OP910 is a POWER8 and POWER9 emulator from International Business Machines Corporation IBM.IBM OPENBMC OP920, OP930 and OP940 have a security vulnerability that could be exploited by an unauthenticated attacker to gain access to sensitive information...