Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: The issue involves bcm: – a UAF Use-After-Free flaw in bcmprocshow. Bug: KASAN: A slabuse-after-free issue occurs in bcmprocshow+0x969/0xa80. A size 8 data block was read from address ffff888155846230 by the task cat/7862. CPU: 1...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

The brcm80211 component in the Linux kernel, from version 6.5.10 onwards, has a use-after-free issue in the code for disconnecting devices via hotplug i.e., removing the USB connection. For attackers who have physical access and local privileges, “this could be exploited in a real-world scenario....

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

Broadcom Symantec Endpoint Protection CleanWipe Removal Tool 权限许可和访问控制问题漏洞

The Broadcom CleanWipe Removal Tool is an enterprise-level security software uninstallation tool developed by Broadcom Corporation. Versions of the Broadcom CleanWipe Removal Tool prior to version 16.0.0.65 contained security vulnerabilities. These vulnerabilities could allow attackers with limit...

Broadcom Layer7 API Gateway 代码问题漏洞

Broadcom Layer7 API Gateway is an enterprise-level API gateway platform provided by Broadcom Corporation. There are code-related vulnerabilities in the Broadcom Layer7 API Gateway. These vulnerabilities originate from the interaction between client applications and the API gateway server...

CVE-2026-8370

Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux zSeries, AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This issue affects Automic...

EUVD-2026-32881

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43rx The firmware-controlled key index in b43rx can exceed the dev-key array size 58 entries. The existing B43WARNON is non-enforcing in production builds, allowing an...

kernel: wifi: brcmfmac: validate bsscfg indices in IF events

A flaw was found in the Linux kernel's brcmfmac Wi-Fi driver. This vulnerability occurs because the driver fails to properly validate bsscfg indices in interface IF events. An attacker could exploit this by sending a specially crafted IF event with an invalid bsscfg index, which could lead to an...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the b43rx function in the b43 driver. This function fails to perform forced boundary checks on th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the XDPTX path. For the XDPTX action in bnxtrxxdp, clearing the event flags is incorrect. The sequence of calls bnxtpollwork - bnxtrxpkt - bnxtrxxdp may involve looping within the NAPI, and some event flags might be...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cpufreq: brcmstb-avs-cpufreq – added a check for the return value of cpufreqcpuget. cpufreqcpuget may return NULL. To avoid NULL-reference checks, it should return 0 in case of an error. This issue was identified by the Linux...

Astra Linux - уязвимость в linux, linux-5.10

A buffer overflow vulnerability was discovered in the Linux kernel’s Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. It can allow a local user to crash the system or escalate their privileges...

CVE-2026-8370

Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux zSeries, AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This issue affects Automic...

CVE-2026-8370

Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux zSeries, AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This issue affects Automic...

EUVD-2026-30970

Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux zSeries, AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This issue affects Automic...

Broadcom Automic Automation Agent 安全漏洞

Broadcom Automic Automation Agent is a proxy program developed by Broadcom Corporation in the United States. It serves as an automation agent for enterprise-level tasks, supporting cross-platform job scheduling, process orchestration, and IT operations automation. It is suitable for automated...

PT-2026-42000

Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux zSeries, AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This issue affects Automic...

Linux kernel 安全漏洞

The Linux kernel is a product of the Linux Foundation, as is the Linux operating system itself. Other products like “roc” are developed by individual developers. “req” is a simple Go HTTP client that uses Black Magic technology. “ClickHouse” is an open-source product; “ch” is a low-level Go clien...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/broadcom: Fixed potential NULL dereferencing in srthermalprobe. platformgetresource may return NULL; added proper checks to avoid potential NULL dereferences...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: A memory out-of-bounds issue was fixed in bnxtfillhwrsstbl. A recent commit modified the code in bnxtreserverings to set the default RSS indirection table to the default value only when the number of RX rings is changing...