Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: arm64/entry: The DAIF flag was unmasked in cpuswitchto, and in callonirqstack. cpuswitchto and callonirqstack manipulate the SP register to switch to different stacks, along with the Shadow Call Stack if it is enabled. These t...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPUBIGENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM’s integrated assembler would incorrectly byte-swap NOPs when compiling for big-endian, and the resulting bytes happened to match the...

Out-of-bounds Read

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38320)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38320 advisory. - In the Linux kernel, the following vulnerability has been resolved: arm64/ptrace: Fix stack-out-of-bounds re...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988651 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftracebug It was reported that a bug on arm64 cause...

CVE-2025-40102

CVE-2025-40102 affects the Linux kernel KVM/ARM64: an attacker could access vCPU events before a vCPU is initialized, leading to misinterpretation of uninitialized data and potential exception handling issues. The description and connected advisories (EulerOS kernel advisories) confirm this as a ...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-408908)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-408908 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NTARMTAGGEDADDRCTRL Currently taggedaddrctrlset doesn't...

EUVD-2025-22371

Malicious code in bioql PyPI...

Heap-based Buffer Overflow

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

Linux Distros Unpatched Vulnerability : CVE-2022-50206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes table-data for procdointvecminmax and can generate the following Oops...

CVE-2025-8028

On arm64, a WASM brtable instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability was fixed in Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1,...

UBUNTU-CVE-2025-38170

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Discard stale CPU state when handling SME traps The logic for handling SME traps manipulates saved FPSIMD/SVE/SME state incorrectly, and a race with preemption can result in a task having TIFSME set and...

CVE-2022-50232 arm64: set UXN on swapper page tables

In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...

CVE-2022-50230 arm64: set UXN on swapper page tables

In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables This issue was fixed upstream by accident in c3cee924bd85 "arm64: head: cover entire kernel image in initial ID map" as part of a large refactoring of the arm64 boot flow. This simple fix is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from arm64 not setting the UXN in the swapper page table, which could result in access being denied...

CVE-2025-37929 arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays Commit a5951389e58d "arm64: errata: Add newer ARM cores to the spectrebhbloopaffected lists" added some additional CPUs to the Spectre-BHB workaround, including some...

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array CVE-2025-21785 For more details about the security issues, includin...

CVE-2025-21785 arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array

In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions...

CVE-2024-53195 KVM: arm64: Get rid of userspace_irqchip_in_use

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Get rid of userspaceirqchipinuse Improper use of userspaceirqchipinuse led to syzbot hitting the following WARNON in kvmtimerupdateirq: WARNING: CPU: 0 PID: 3281 at arch/arm64/kvm/archtimer.c:459...

CVE-2024-39488

In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...