49 matches found
CVE-2026-34962
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...
EUVD-2026-29325
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...
CVE-2026-34962
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...
CVE-2026-34962 barebox ext4 Directory Parsing Infinite Loop Denial of Service
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...
CVE-2026-34962
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...
CVE-2026-34962 barebox ext4 Directory Parsing Infinite Loop Denial of Service
barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4common.c where the ext4fsiteratedir function fails to validate that directory entry length values are non-zero. Attackers can supply a malicious ext4 filesystem image with a...
CVE-2026-34962
CVE-2026-34962 affects barebox prior to 2026.04.0, where a vulnerability in ext4 directory parsing (fs/ext4/ext4_common.c) allows an infinite loop during directory listing or path resolution. The root cause is that ext4fs_iterate_dir() does not validate non-zero directory entry lengths, so a craf...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: serial: qcom-geni: Fix blocked task The changes made in commit 1afa70632c39 “serial: qcom-geni: Enable PM runtime for serial driver” and its dependent commit 86fa39dd6fb7 “serial: qcom-geni: Enable Serial on SA8255p Qualcomm...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Driver Core: Fixed the interaction between waitfordeviceprobe and deferredprobetimeout. The mounting of NFS rootfs timed out when deferredprobetimeout was non-zero 1. This occurred because the ipautoconfig initcall timed out...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Viawdt: fixed a critical boot hang caused by unnamed resource allocation. The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a...
Azure Linux 3.0 Security Update: kernel (CVE-2024-46706)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46706 advisory. - In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: mark last busy...
SUSE CVE-2025-71109
In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 "MIPS: Tracing: Reduce the overhead of dynamic Function Tracer", the macro UASMiLAmostly has been used, and this macro can...
via_wdt: fix critical boot hang due to unnamed resource allocation
...
SUSE CVE-2025-71114
In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...
CVE-2025-71114
In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...
UBUNTU-CVE-2025-71114
In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...
CVE-2025-71114
In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...
CVE-2025-71114 via_wdt: fix critical boot hang due to unnamed resource allocation
In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...
CVE-2025-71114
CVE-2025-71114 relates to the VIA watchdog driver in the Linux kernel. The driver uses allocate_resource() to reserve a MMIO region for the watchdog control register, but the resource lacked a name, causing the kernel resource tree to contain a entry under /proc/iomem on x86. During boot, this u...
CVE-2025-71114 via_wdt: fix critical boot hang due to unnamed resource allocation
In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...