34 matches found
Astra Linux - уязвимость в linux
A vulnerability was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before version 5.14.6. Local attackers who had access to the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileged operations, denoted as...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add a NULL check in aspeedlpcenablesnoop. devmkasprintf returns NULL when memory allocation fails. Currently, aspeedlpcenablesnoop does not check for this case, which results in a NULL pointer being dereferenced. Add...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel NULL pointer...
ROS-20260304-73-0021
A vulnerability in the aspeedlpcenablesnoop function of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38145)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38145 advisory. - In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001432)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001432 advisory. An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414528)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414528 advisory. An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC...
EUVD-2021-29228
Malicious code in bioql PyPI...
EUVD-2025-22876
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-42252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspee...
AZL-65931 CVE-2025-38487 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel NULL pointer...
DEBIAN-CVE-2025-38487
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel NULL pointer...
UBUNTU-CVE-2025-38487
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel NULL pointer...
CVE-2025-38487
CVE-2025-38487 relates to the Linux kernel ASPEED SoC LPC snoop driver. The vulnerability arises from disabling channels that aren’t enabled, which can lead to a NULL pointer dereference and a kernel Oops on ARM systems, as illustrated by the provided trace. The Ubuntu/Astra Linux advisory confir...
CVE-2025-38487 soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel NULL pointer...
CVE-2025-38487
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel NULL pointer...
AZL-64607 CVE-2025-38145 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in aspeedlpcenablesnoop devmkasprintf returns NULL when memory allocation fails. Currently, aspeedlpcenablesnoop does not check for this case, which results in a NULL pointer dereference. Add NULL chec...
PT-2025-31083
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc1-00009-g926217bc7d7d Description A flaw exists in the Linux kernel related to the aspeed lpc-snoop driver. Specifically, the driver does not prevent disabling channels that are not currently enabled,...
PT-2025-27731
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue has been identified in the Linux kernel. The problem arises from the aspeed lpc enable snoop function not checking for a NULL return value from devm...
K65280235: Linux vulnerability CVE-2021-42252
Security Advisory Description An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka...