UBUNTU-CVE-2026-46044

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fixed a nullptrderef in scmicpufreqgetrate. The cpufreqcpugetraw function may return NULL when the target CPU is not present in the policy-cpus mask. The scmicpufreqgetrate function does not check for this case,...

CVE-2025-68204 pmdomain: arm: scmi: Fix genpd leak on provider registration failure

In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fix genpd leak on provider registration failure If ofgenpdaddprovideronecell fails during probe, the previously created generic power domains are not removed, leading to a memory leak and potential kernel cra...

Linux Distros Unpatched Vulnerability : CVE-2025-40226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the...

CVE-2025-40226

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. Handle this fault condition in the...

CVE-2025-40226 firmware: arm_scmi: Account for failed debug initialization

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. Handle this fault condition in the...

CVE-2025-20764

In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029...

CVE-2025-20764

CVE-2025-20764 affects the MediaTek “smi” component, where a missing bounds check allows an out-of-bounds write. This can enable local escalation of privilege for an attacker who already has System privileges, with no user interaction required. The issue is associated with patch ALPS10259774 (Iss...

EUVD-2021-33405

Malicious code in bioql PyPI...

EUVD-2021-33450

Malicious code in bioql PyPI...

usb: typec: ucsi: Limit read size on v1.2

...

spmi: mediatek: Fix UAF on device remove

...

PT-2025-22167

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the firmware arm scmi. The issue arises when using device find child to lookup the proper SCMI device to destroy, causin...

ARM SCP-Firmware 安全漏洞

ARM SCP-Firmware is a firmware driver from ARM UK. A security vulnerability exists in ARM SCP-Firmware version 2.15.0 and earlier, which stems from a specially crafted SCMI message that causes the SCP to experience a Usage Fault and crash...

UBUNTU-CVE-2022-48655

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations i...

CVE-2021-46794

Insufficient bounds checking in ASP AMD Secure Processor may allow for an out of bounds read in SMI System Management Interface mailbox checksum calculation triggering a data abort, resulting in a potential denial of service...

CVE-2021-46749

Insufficient bounds checking in ASP AMD Secure Processor may allow for an out of bounds read in SMI System Management Interface mailbox checksum calculation triggering a data abort, resulting in a potential denial of service...

CVE-2021-46794

Insufficient bounds checking in ASP AMD Secure Processor may allow for an out of bounds read in SMI System Management Interface mailbox checksum calculation triggering a data abort, resulting in a potential denial of service...

CVE-2021-46749

Insufficient bounds checking in ASP AMD Secure Processor may allow for an out of bounds read in SMI System Management Interface mailbox checksum calculation triggering a data abort, resulting in a potential denial of service...

CVE-2021-46749

CVE-2021-46749 corresponds to an out-of-bounds read vulnerability in the AMD Secure Processor (ASP) affecting the System Management Interface (SMI) mailbox checksum calculation, caused by insufficient bounds checking. The vulnerability can trigger a data abort and potentially lead to a denial of ...