Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: A crash occurred due to dereferencing an uninitialized pointer. Since commit 7d5e9737efda “net: rfkill: gpio: getting the name and type from device property”, the rfkillfindtype function is called with the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990108 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpidevicesetname' fails, we must fre...

EUVD-2020-25246

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986665)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986665 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: fix NULL pointer dereference Commit 71f642833284 ACPI: utils: Fix reference counting in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986461)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986461 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpidevicesetname' fails, we must fre...

AZL-68150 CVE-2025-39937 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Since commit 7d5e9737efda "net: rfkill: gpio: get the name and type from device property" rfkillfindtype gets called with the possibly uninitialized "const...

UBUNTU-CVE-2025-39937

In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Since commit 7d5e9737efda "net: rfkill: gpio: get the name and type from device property" rfkillfindtype gets called with the possibly uninitialized "const...

CVE-2025-39937

CVE-2025-39937 affects the Linux kernel, specifically the rfkill GPIO code. A potential crash could occur on x86 when rfkill-gpio binds to BCM4752/LNV4752 ACPI devices because rfkill_find_type() used an uninitialized local pointer (type_name) if device_property_read_string() failed. The fix initi...

CVE-2025-39937 net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer

In the Linux kernel, the following vulnerability has been resolved: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer Since commit 7d5e9737efda "net: rfkill: gpio: get the name and type from device property" rfkillfindtype gets called with the possibly uninitialized "const...

EUVD-2022-37793

Malicious code in bioql PyPI...

PT-2025-40633

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s net/rfkill/gpio subsystem where an uninitialized pointer can lead to a crash. This issue arises from the rfkill find type function being called with a...

CVE-2022-50327

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpifetchacpidev return value The return value of acpifetchacpidev could be NULL, which would cause a NULL pointer dereference to occur in acpidevicehid. rjw: Subject and changelog edits, added empty...

AZL-74646 CVE-2022-50327 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpifetchacpidev return value The return value of acpifetchacpidev could be NULL, which would cause a NULL pointer dereference to occur in acpidevicehid. rjw: Subject and changelog edits, added empty...

DEBIAN-CVE-2022-50327

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpifetchacpidev return value The return value of acpifetchacpidev could be NULL, which would cause a NULL pointer dereference to occur in acpidevicehid. rjw: Subject and changelog edits, added empty...

CVE-2022-50327 ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpifetchacpidev return value The return value of acpifetchacpidev could be NULL, which would cause a NULL pointer dereference to occur in acpidevicehid. rjw: Subject and changelog edits, added empty...

CVE-2022-50327 ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value

In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: idle: Check acpifetchacpidev return value The return value of acpifetchacpidev could be NULL, which would cause a NULL pointer dereference to occur in acpidevicehid. rjw: Subject and changelog edits, added empty...

CVE-2020-3981

VMware ESXi 7.0 before ESXi7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG, Workstation 15.x, Fusion 11.x before 11.5.6 contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative...

Vulnerability of the acpi_device_add() function in the drivers/acpi/scan.c module – The ACPI support driver for the Linux kernel’s core, which allows attackers to access protected information.

Vulnerability of the acpideviceadd function in the drivers/acpi/scan.c module – The ACPI support driver for the Linux kernel’s processor is vulnerable to a vulnerability where improper memory release occurs before removing the last reference point memory leak. Exploiting this vulnerability could...

CVE-2025-23136 thermal: int340x: Add NULL check for adev

In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 "platform/x86: int3472: Check for adev == NULL". Add a check for adev not...

The vulnerability of the acpi_device_setup_files() function in the drivers/acpi/device_sysfs.c file of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the acpidevicesetupfiles function in the drivers/acpi/devicesysfs.c file of the Linux kernel relates to access to resources through incompatible types. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...