Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: mailbox: bcm2835: Fixed timeout during suspend mode During the noirq suspend phase, the Raspberry Pi power driver experiences firmware property timeouts. The reason is that the IRQ of the underlying BCM2835 mailbox is disabled...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Input: raspberrypi-ts – fixed the reference count leak in rpitsprobe. The rpifirmwareget function takes a reference; we need to release that reference as well during error paths. Use the devmrpifirmwareget helper to handle...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Drop all currently held locks if a deadlock occurs. If vc4hdmiresetlink returns -EDEADLK, it means that a deadlock has occurred in the locking context. This issue should be addressed by dropping all currently held locks...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Do not check if plane-state-fb == state-fb Currently, when using non-blocking commits, the following kernel warning is observed: 110.908514 ------------ Cut here ------------ 110.908529 refcountt: Underflow; Use after...

SUSE CVE-2026-43302

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIGDMAAPIDEBUG enabled, the kernel occasionally reports a segment size mismatch. This is because 'maxsegsize' is not set. The kernel defaults ...

USN-8180-6: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

USN-8200-3: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - GPU drivers; - I2C subsystem; - Network traffic control; CVE-2022-49046,...

Key Encapsulation Mechanism-Based Integrated Encryption Scheme (KEM-IES)

The Elliptic Curve Integrated Encryption Scheme ECIES is widely regarded as a practical method and has been adopted by multiple standards. However, the advancement of quantum computing technologies poses potential security risks to ECIES. Therefore, this study proposes a Key Encapsulation...

EUVD-2026-28572

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIGDMAAPIDEBUG enabled, the kernel occasionally reports a segment size mismatch. This is because 'maxsegsize' is not set. The kernel defaults ...

Linux Distros Unpatched Vulnerability : CVE-2026-43302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIGDMAAPIDEBUG enabled, the kernel occasionally reports a segment size...

PT-2026-38944

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/v3d component where the max seg size is not set. When V3D rendering is used with CONFIG DMA API DEBUG enabled, the kernel may report a segment size mismatch...

USN-8257-1 linux-raspi vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4, the VPU firmware always crashes when the xHCI power-domain is resumed: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finishe...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: A NULL check has been added in raspberrypiclkregister. devmkasprintf returns NULL when memory allocation fails. Currently, raspberrypiclkregister does not check for this case, which results in a NULL pointer being...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Assign -num before accessing -hws The commit f316cdff8d67 “clk: Annotate struct clkhwonecelldata with countedby annotated the hws member of struct clkhwonecelldata with countedby. This informs the bounds sanitizer ...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmmac – Fix for crashes occurring when sending Action Frames in standalone AP Mode Currently, whenever an Action Frame needs to be transmitted, the brcmmac driver always uses the P2P vif to send the “actframe” IOVAR to th...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: firmware: raspberrypi: fix possible memory leak in rpifirmwareprobe In rpifirmwareprobe, if mboxrequestchannel fails, the 'fw' will not be freed through rpifirmwaredelete, fix this leak by calling kfree in the error path...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypidiscoverclocks relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore firmware and it doesn't...

A-THENA: Early Intrusion Detection for IoT with Time-Aware Hybrid Encoding and Network-Specific Augmentation

The proliferation of Internet of Things IoT devices has significantly expanded attack surfaces, making IoT ecosystems particularly susceptible to sophisticated cyber threats. To address this challenge, this work introduces A-THENA, a lightweight early intrusion detection system EIDS that...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010814)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010814 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode Currently, whenever...