Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fixed the programming of HCIUTRLNEXUSTYPE. On the Google gs101, the number of UTP transfer request slots is 32. In this case, the driver incorrectly programs UTRLNEXUSTYPE as 0. This occurs because the left sid...

EUVD-2025-28925

Malicious code in bioql PyPI...

SUSE CVE-2025-39788

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fix programming of HCIUTRLNEXUSTYPE On Google gs101, the number of UTP transfer request slots nutrs is 32, and in this case the driver ends up programming the UTRLNEXUSTYPE incorrectly as 0. This is because the...

UBUNTU-CVE-2025-39788

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fix programming of HCIUTRLNEXUSTYPE On Google gs101, the number of UTP transfer request slots nutrs is 32, and in this case the driver ends up programming the UTRLNEXUSTYPE incorrectly as 0. This is because the...

CVE-2025-39788 scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fix programming of HCIUTRLNEXUSTYPE On Google gs101, the number of UTP transfer request slots nutrs is 32, and in this case the driver ends up programming the UTRLNEXUSTYPE incorrectly as 0. This is because the...

CVE-2025-39788

CVE-2025-39788 affects the Linux kernel SCSI/ufs Exynos driver (gs101). The issue is in the USB/UFS host path where the left shift to set UTRL_NEXUS_TYPE is performed on an int, causing an out-of-bounds shift and writing an incorrect value (0xffffffff on gs101). The fix switches to the BIT() macr...

SUSE CVE-2025-38217

In the Linux kernel, the following vulnerability has been resolved: hwmon: ftsteutates Fix TOCTOU race in ftsread In the ftsread function, when handling hwmonpwmautochannelstemp, the code accesses the shared variable data-fansourcechannel twice without holding any locks. It is first checked again...

PT-2025-37245

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the SCSI UFS Exynos driver. Specifically, the programming of HCI UTRL NEXUS TYPE was incorrect on Google gs101 devices due to an integer...

DEBIAN-CVE-2025-38217

In the Linux kernel, the following vulnerability has been resolved: hwmon: ftsteutates Fix TOCTOU race in ftsread In the ftsread function, when handling hwmonpwmautochannelstemp, the code accesses the shared variable data-fansourcechannel twice without holding any locks. It is first checked again...

AZL-64707 CVE-2025-38217 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: hwmon: ftsteutates Fix TOCTOU race in ftsread In the ftsread function, when handling hwmonpwmautochannelstemp, the code accesses the shared variable data-fansourcechannel twice without holding any locks. It is first checked again...

SUSE CVE-2022-49748

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using 32 bit arithmetic and then passed as a 64 bit function argument. In the case where i is 32 or more...

DEBIAN-CVE-2022-49748

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using 32 bit arithmetic and then passed as a 64 bit function argument. In the case where i is 32 or more...

UBUNTU-CVE-2022-49748

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using 32 bit arithmetic and then passed as a 64 bit function argument. In the case where i is 32 or more...

UBUNTU-CVE-2024-26902

In the Linux kernel, the following vulnerability has been resolved: perf: RISCV: Fix panic on pmu overflow handler 1 idx of int is not desired when setting bits in unsigned long overflowedctrs, use BIT instead. This panic happens when running 'perf record -e branches' on sophgo sg2042. 273.311852...