Lucene search
K

194 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: Initializing the event handler for read bytes A value of 0xff was set for I2C reads of the mctp-i2c device. Otherwise, reads will return “val” from the I2C bus driver. For I2c-aspeed and i2c-npcm7xx, this represents an...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return val from the i2c bus driver. For...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 3:33 p.m.11 views

EUVD-2026-32331

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.8AI score0.00156EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:16 p.m.9 views

UBUNTU-CVE-2026-45865

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/27 12:15 p.m.44 views

CVE-2026-45865 mctp i2c: initialise event handler read bytes

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

0.00156EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-43732

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mctp-i2c device where i2c reads fail to initialize the event handler read bytes. This causes reads to return the val variable from the i2c bus driver. In the cases...

5.5CVSS5.4AI score0.00156EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: aspeed-vhub: The bug involving a refcount leak in astvhubinitdesc has been fixed. We should call ofnodeput for the reference returned by ofgetchildbyname, as this increased the refcount...

5.5CVSS6AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: Media: aspeed – Fix the clock handling logic The Video Engine uses eclk and vclk as its clock sources. Its reset control is coupled with eclk, so the current clock enabling sequence works as follows: 1. Enable eclk. 2. De-assert...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iio: adc: aspeed: Fixed the refcount leak in aspeedadcsettrimdata. The function offindnodebyname returns a node pointer with a refcount incremented; we should use ofnodeput on it after processing. Added the missing ofnodeput...

5.5CVSS5.5AI score0.00209EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: socinfo: Added kfree call for kstrdup. Added kfree in the subsequent error handling to avoid memory leaks...

5.5CVSS5.9AI score0.00186EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: serial: 8250aspeedvuart: Fixed the potential NULL dereferencing in aspeedvuartprobe. The platformgetresource function may fail and return NULL; therefore, we should better check its return value to avoid NULL pointer dereferencin...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: pinctrl: aspeed: Fixed a potential NULL dereferencing in aspeedpinmuxsetmux. pdesc could potentially be null, but still, dereferencing pdesc-name would lead to a NULL pointer access. Therefore, we moved a null check before the...

5.5CVSS6.4AI score0.00242EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before version 5.14.6. Local attackers who had access to the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileged operations, denoted as...

7.8CVSS6.6AI score0.00358EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/24 8:34 p.m.6 views

CVE-2026-31615

A flaw was found in the Linux kernel's renesasusb3 and aspeedudc drivers. These drivers did not properly validate endpoint index numbers provided by a host during standard USB requests, such as GETSTATUS and SET/CLEARFEATURE. This oversight could allow an attacker to provide a crafted endpoint...

5.5CVSS5.2AI score0.00125EPSS
Exploits0References4
Redos
Redos
added 2026/03/04 12:0 a.m.4 views

ROS-20260304-73-0021

A vulnerability in the aspeedlpcenablesnoop function of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.1AI score0.0017EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: soc: aspeed: lpc-snoop: Do not disable channels that are not enabled. The following issues have been mitigated: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle a NULL...

5.5CVSS6.4AI score0.0015EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add a NULL check in aspeedlpcenablesnoop. devmkasprintf returns NULL when memory allocation fails. Currently, aspeedlpcenablesnoop does not check for this case, resulting in a NULL pointer being dereferenced. Add a...

5.5CVSS6.3AI score0.0017EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: A NULL pointer check was added in astvhubinitdev. The variable d-name, returned by devmkasprintf, could potentially be NULL. A pointer check was added to prevent potential NULL pointer dereferencing. This is...

5.5CVSS6.3AI score0.00254EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.9 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-46836)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46836 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeedudc: validate endpoin...

7.8CVSS6.8AI score0.00244EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37881)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37881 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: Add NULL pointer...

5.5CVSS6.7AI score0.00254EPSS
Exploits0References2
Rows per page
Query Builder