Schneider Electric PowerChute Serial Shutdown 安全漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown, and energy management software from Schneider Electric France. A security vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from an improperly restricted pathname, which could allow ...

Schneider Electric PowerChute Serial Shutdown 安全漏洞

Schneider Electric PowerChute Serial Shutdown is a UPS management, normal shutdown, and energy management software from Schneider Electric France. A security vulnerability exists in Schneider Electric PowerChute Serial Shutdown that stems from improperly set default permissions, which could resul...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990898)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990898 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: max3100: Lock port-lock when calling uarthandlectschange uarthandlectschange has to be...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990765)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990765 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: imx: Add missing .thawnoirq hook The following warning is seen with non-console UART...

Linux Distros Unpatched Vulnerability : CVE-2025-40108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 serial: qcom-geni: Enable PM...

kernel: usb: typec: ucsi: displayport: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to finish executing before proceeding with the partner removal...

kernel: padata: avoid UAF for reorder_work

In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorderwork Although the previous patch can avoid ps and ps UAF for doserial, it can not avoid potential UAF issue for reorderwork. This issue can happen just as below: cryptorequest cryptorequest cryptodela...

kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is late...

kernel: usb: typec: ucsi: displayport: Fix NULL pointer access

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix NULL pointer access This patch ensures that the UCSI driver waits for all pending tasks in the ucsidisplayportwork workqueue to finish executing before proceeding with the partner removal...

kernel: padata: avoid UAF for reorder_work

In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorderwork Although the previous patch can avoid ps and ps UAF for doserial, it can not avoid potential UAF issue for reorderwork. This issue can happen just as below: cryptorequest cryptorequest cryptodela...

kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference on certain command aborts If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is late...

SUSE CVE-2025-40108

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 "serial: qcom-geni: Enable PM runtime for serial driver" and its dependent commit 86fa39dd6fb7 "serial: qcom-geni: Enable Serial on SA8255p Qualcomm platforms" becaus...

Security Advisory 0125

Security Advisory 0125 . CSAF PDF Date: November 11, 2025 Revision | Date | Changes ---|---|--- 1.0 | November 11, 2025 | Initial release The CVE-ID tracking this issue: CVE-2025-8870 CVSS:3.1 Base Score 4.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H CVSS:4.0 Base Score 5.6...

CVE-2025-40108

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 "serial: qcom-geni: Enable PM runtime for serial driver" and its dependent commit 86fa39dd6fb7 "serial: qcom-geni: Enable Serial on SA8255p Qualcomm platforms" becaus...

EUVD-2025-38442

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 "serial: qcom-geni: Enable PM runtime for serial driver" and its dependent commit 86fa39dd6fb7 "serial: qcom-geni: Enable Serial on SA8255p Qualcomm platforms" becaus...

CVE-2025-40108

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 "serial: qcom-geni: Enable PM runtime for serial driver" and its dependent commit 86fa39dd6fb7 "serial: qcom-geni: Enable Serial on SA8255p Qualcomm platforms" becaus...

UBUNTU-CVE-2025-40108

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 "serial: qcom-geni: Enable PM runtime for serial driver" and its dependent commit 86fa39dd6fb7 "serial: qcom-geni: Enable Serial on SA8255p Qualcomm platforms" becaus...

CVE-2025-40108 serial: qcom-geni: Fix blocked task

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 "serial: qcom-geni: Enable PM runtime for serial driver" and its dependent commit 86fa39dd6fb7 "serial: qcom-geni: Enable Serial on SA8255p Qualcomm platforms" becaus...

CVE-2025-40108

CVE-2025-40108 concerns the Linux kernel’s serial driver for Qualcomm GenI (qcom-geni). The issue manifested as a hang of a worker task (kworker) on Qualcomm RB1/QRB2210 during normal boot when PM runtime support was enabled by commits enabling PM runtime for the serial driver. The regression was...

CVE-2025-40108 serial: qcom-geni: Fix blocked task

In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task Revert commit 1afa70632c39 "serial: qcom-geni: Enable PM runtime for serial driver" and its dependent commit 86fa39dd6fb7 "serial: qcom-geni: Enable Serial on SA8255p Qualcomm platforms" becaus...