51 matches found
CVE-2026-44712 pam_usb: Shell injection via device UUID and username in pamusb-conf and pamusb-agent
pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID some controllers allow this can inject the payload a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fixed error handling in atatdevadd In atatdevadd, the return value of transportadddevice is not checked. As a result, a null-ptr-deref occurs when removing the module, because transportremovedevice is calle...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ata: libata-transport: fixed error handling in atatlinkadd In atatlinkadd, the return value of transportadddevice is not checked. As a result, a nullptrdereference exception occurs when removing the module, because...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006671)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006671 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatdevadd In atatdevadd, the return value of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004851)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004851 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series rapidio: fix three possible...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992915)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992915 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatportadd In atatportadd, the return value of...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992862)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992862 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series rapidio: fix three possible...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993295)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993295 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatdevadd In atatdevadd, the return value of...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992510)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992510 advisory. In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series rapidio: fix three possible...
PT-2025-52959
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the btrfs subsystem related to the assertion of exclusive operation conditions during balance operations. Specifically, the issue arises when...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990797)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990797 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatlinkadd In atatlinkadd, the return value of...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990746)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990746 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatportadd In atatportadd, the return value of...
Linux Distros Unpatched Vulnerability : CVE-2022-50474
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - macintosh: fix possible memory leak in macioaddonedevice Afer commit 1fa5ae857bb1 driver core: get rid of struct device's busid string array, the name of device...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987392)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987392 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Fix error handling in sasphyadd If transportadddevice fails in sasphyadd,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987168)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987168 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: fix possible memory leak in mousevscprobe If hidadddevice returns error, it should...
CVE-2022-50474 macintosh: fix possible memory leak in macio_add_one_device()
In the Linux kernel, the following vulnerability has been resolved: macintosh: fix possible memory leak in macioaddonedevice Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically. It needs to be freed when ofdeviceregist...
SUSE CVE-2022-50343
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch 1 fixes two name leaks while rioadddevice fails. -...
CVE-2022-50343
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch 1 fixes two name leaks while rioadddevice fails. -...
UBUNTU-CVE-2022-50343
In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch 1 fixes two name leaks while rioadddevice fails. -...
CVE-2022-50343
CVE-2022-50343 is a Linux kernel vulnerability in the rapid io (rapidio) subsystem. The issue is a memory-leak in error handling: when rio_add_device() returns an error, the name allocated by dev_set_name() was not freed, potentially leaking memory. The patch series “rapidio: fix three possible m...