49 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netlink: prevents potential Spectre v1 exploits Most netlink attributes are parsed and validated via nlavalidateparse or validatenla. c u16 type = nlatypenla; if type == 0 || type maxtype / Error or continue / The @type value is...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ipv4: Prevent potential spectre v1 exploits in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; Since @type is used as an array index, we need to prevent CPU speculation ...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011217)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011217 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990020)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990020 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987624)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987624 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevent potential spectre v1 gadget It appears like cmd could be a Spectre v1 gadget as...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987266)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987266 advisory. In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986427)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986427 advisory. In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for...
Linux Distros Unpatched Vulnerability : CVE-2023-52746
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrmxlate32attr int type = nlatypenla...
Linux Distros Unpatched Vulnerability : CVE-2021-47277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address gpa to a...
Linux Distros Unpatched Vulnerability : CVE-2023-52996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type...
Linux Distros Unpatched Vulnerability : CVE-2023-53000
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla...
kernel: dm ioctl: prevent potential spectre v1 gadget
A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...
kernel: dm ioctl: prevent potential spectre v1 gadget
A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...
CLSA-2025-1749568993 kernel: Fix of 24 CVEs
vsock: Keep the binding until socket destruction CVE-2025-21756 - mt76: fix use-after-free by removing a non-RCU wcid pointer CVE-2022-49328 - bpf, testrun: Fix alignment problem in bpfprogtestrunskb CVE-2022-49840 - ASoC: core: Fix use-after-free in sndsocexit CVE-2022-49842 - net: sched: Fix...
CLSA-2025-1749562017 kernel: Fix of 24 CVEs
vsock: Keep the binding until socket destruction CVE-2025-21756 - mt76: fix use-after-free by removing a non-RCU wcid pointer CVE-2022-49328 - bpf, testrun: Fix alignment problem in bpfprogtestrunskb CVE-2022-49840 - ASoC: core: Fix use-after-free in sndsocexit CVE-2022-49842 - net: sched: Fix...
DEBIAN-CVE-2023-52997
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...
DEBIAN-CVE-2023-53000
In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...
DEBIAN-CVE-2023-52996
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fibmetricsmatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; @type being used as an array index, we need to prevent cpu speculation or ri...
CVE-2023-52997 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...
CVE-2023-52997
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...