Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tipc: Check the bearer type before calling tipcudpnlbeareradd. syzbot reported the following general protection fault 1: General protection fault, likely for a non-canonical address 0xdffffc0000000010: 0000 1 PREEMPT SMP KASAN...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ARM: In the dts section, for the qcom device, replace the gcc PXO parameter with pxoboard fixed clock. Replace the gcc PXO handle with pxoboard fixed clock, which is declared in the dts file. The gcc driver does not provide PXOSR...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a deadlock during uvcprobe If uvcprobe fails, it may end up calling uvcstatusunregister before uvcstatusinit is called. This issue was fixed by checking whether dev-status is NULL during uvcstatusunregister...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A vulnerability has been discovered in the Linux kernel. It has been classified as problematic. The affected function is nilfsnew inode in the file fs/nilfs2/inode.c of the BPF component. This vulnerability allows for manipulation after the memory allocation function free is called. The attack ca...

ALPINE-CVE-2025-68615

net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...

AZL-72901 CVE-2025-68615 affecting package net-snmp for versions less than 5.9.5.2-1

net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...

CVE-2025-68615 Net-SNMP snmptrapd crash

net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-060)

The version of kernel installed on the remote host is prior to 5.10.217-205.860. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-060 advisory. In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial...

CVE-2024-1659 Arbitrary File Upload in MegaBIP

Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the server including a PHP code file without an authentication. This issue affects MegaBIP software versions through 5.10...

DLA-3512-1 linux-5.10 - security update

Bulletin has no description...

Trellix ePolicy Orchestrator 跨站脚本漏洞

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 SP1 Update 1, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability. The vulnerability can...

GSD-2023-1002359 Fix page corruption caused by racy check in __free_pages

Fix page corruption caused by racy check in freepages This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.94 by commit...

GSD-2023-1000901 ext4: don't set up encryption key during jbd2 transaction

ext4: don't set up encryption key during jbd2 transaction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...

GSD-2023-1000758 ASoC: qcom: Add checks for devm_kcalloc

ASoC: qcom: Add checks for devmkcalloc This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit 7830e2289eb4b74970b6cd1b6cc68dcd021c228...

GSD-2023-1000465 staging: media: tegra-video: fix device_node use after free

staging: media: tegra-video: fix devicenode use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...

GSD-2023-1000439 ext4: don't set up encryption key during jbd2 transaction

ext4: don't set up encryption key during jbd2 transaction This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...

GSD-2023-1000233 char: tpm: Protect tpm_pm_suspend with locks

char: tpm: Protect tpmpmsuspend with locks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.158 by commit...

PT-2022-33516 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.10 through v5.19.1 Description: The issue concerns the alignment for DMA safety in the mpu6050 driver. It was introduced in version v5.10 and fixed in version v5.19.2. The actual impact and attack plausibility have no...

GSD-2022-1004473 tipc: fix use-after-free Read in tipc_named_reinit

tipc: fix use-after-free Read in tipcnamedreinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.51 by commit...