Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Avoid leaving a dangling sk pointer in rfcommsockalloc btsockalloc attaches the allocated sk object to the provided sock object. If rfcommdlcalloc fails, we release the sk object, but leave a dangling pointer i...

CVE-2026-43068

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocate block from corrupted group in ext4mbfindbygoal There's issue as follows: ... EXT4-fs mmcblk0p1: Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117 EXT4-fs...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: added a sanity check for agwidth in dbMount. When the width of the AG in dmapctl is zero, a divide error occurs when calculating the control page level in dbAllocAG. To avoid this issue, a check for agwidth was added in...

CVE-2026-23431

CVE-2026-23431 affects the Linux kernel component amlogic-spisg (spi driver). The issue is a memory leak in aml_spisg_probe() where ctlr allocated via spi_alloc_target()/spi_alloc_host() is not released on several error paths, causing leaks if probe fails after initial allocation. The fix uses me...

EUVD-2026-5862

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibahaps: Fix memory leaks in add/remove routines toshibahapsadd leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshibahapsremove does not free the object...

CVE-2026-22999 net/sched: sch_qfq: do not free existing class in qfq_change_class()

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass Fixes qfqchangeclass error case. cl-qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF...

PT-2025-49052

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's Panthor driver related to GPU virtual address GPUVA region unmapping. Specifically, a kernel panic can occur when userspace attempts to partially unma...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987628)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987628 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between nbdallocconfig and module removal When nbd module is being removing,...

EUVD-2021-0428

Malware in sbrugna...

EUVD-2023-57231

Malicious code in bioql PyPI...

EUVD-2024-51844

Malicious code in bioql PyPI...

EUVD-2025-25087

Malicious code in bioql PyPI...

CVE-2025-39891

CVE-2025-39891 (Linux kernel) affects the wifi: mwifiex driver. The chan_stats[] memory is allocated with vmalloc() and not zeroed, and the array is only partially initialized in mwifiex_update_chan_statistics(). This can allow an information leak if data hasn’t been filled before a user query vi...

CVE-2025-38626 f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to trigger foreground gc during f2fsmapblocks in lfs mode w/ "mode=lfs" mount option, generic/299 will cause system panic as below: ------------ cut here ------------ kernel BUG at fs/f2fs/segment.c:2835! Call Trace:...

Linux Distros Unpatched Vulnerability : CVE-2023-53134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bnxten: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all t...

openSUSE Security Advisory (SUSE-SU-2025:02769-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for amber-cli

This update for amber-cli fixes the following issues: Update to version 1.13.1+git20250329.c2e3bb8: CVE-2025-30204: Fixed jwt-go excessive memory allocation during header parsing bsc1240511 jwt version upgrade 174 Update policy size limit to 20k 173 Update tenant user model with latest changes 17...

AZL-73013 CVE-2025-38395 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods drvdata::gpiods is supposed to hold an array of 'gpiodesc' pointers. But the memory is allocated for only one pointer. This will lead to out-of-bounds access later ...

CVE-2025-38395

In the Linux kernel, the following vulnerability has been resolved: regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods drvdata::gpiods is supposed to hold an array of 'gpiodesc' pointers. But the memory is allocated for only one pointer. This will lead to out-of-bounds access later ...

CVE-2025-38274 fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt()

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...