Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fixed a use-after-free vulnerability in the cdnsi3cmasterprobe function due to race conditions. In the cdnsi3cmasterprobe function, &master-hjwork is bound to cdnsi3cmasterhj. The cdnsi3cmasterinterrupt functio...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011322 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: cadence: Check for the existence of cdnspcie::ops before using it cdnspcie::ops might not be...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50061)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50061 advisory. - In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free...

ROS-20260113-7355

A vulnerability in the cdnsi3cmasterremove function in the drivers/i3c/master/i3c-master-cdns.c module of the Linux kernel is related to the reuse of previously freed memory due to competitive access to a resource race condition. Exploitation of the vulnerability may allow an intruder to affect t...

CVE-2023-54009

In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: cdnsi2cmasterxfer: Fix runtime PM leak on error path The cdnsi2cmasterxfer function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is currentl...

CVE-2023-54009

No concrete technical details for CVE-2023-54009 are provided in the Connected documents. The Linux kernel runtime PM leak fix description appears only in the Initial document; no vendor/product/version specifics or remediation details are reproduced here.

CVE-2023-54009 i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path

In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: cdnsi2cmasterxfer: Fix runtime PM leak on error path The cdnsi2cmasterxfer function gets a runtime PM reference when the function is entered. This reference is released when the function is exited. There is currentl...

PT-2025-52966

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The cdns i2c master xfer function in the Linux kernel has a runtime power management PM leak on an error path. The function acquires a runtime PM reference upon entry and releases it upo...

CVE-2025-68176

Technical details about CVE-2025-68176 are not publicly provided in the supplied documents. No affected product/version or fix specifics are disclosed here. Monitor for updates from vendors.

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-383728)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383728 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference In cdnsmhdpatomicenable, the...

Nuxt allows DOS via cache poisoning with payload rendering response

Summary By sending a crafted HTTP request to a server behind an CDN, it is possible in some circumstances to poison the CDN cache and highly impacts the availability of a site. It is possible to craft a request, such as https://mysite.com/?/payload.json which will be rendered as JSON. If the CDN ...

i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition

...

LottieFiles Issues Warning About Compromised "lottie-player" npm Package

LottieFiles has revealed that its npm package "lottie-player" was compromised as part of a supply chain attack, prompting it to release an updated version of the library. "On October 30th 6:20 PM UTC - LottieFiles were notified that our popular open source npm package for the web player...

How Security Edge Revolutionizes API Security

Wallarm’s Security Edge is setting a new standard in API security—far beyond the reach of traditional Content Delivery Networks CDNs. Let’s get it straight: Security Edge is not just a new addition to the API security market; it’s a disruption. Designed to deliver fast, effective, and advanced AP...

SUSE CVE-2024-50061

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...

AZL-50806 CVE-2024-50061 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...

AZL-50839 CVE-2024-50061 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...

DEBIAN-CVE-2024-50061

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...

UBUNTU-CVE-2024-50061

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...

CVE-2024-50061

CVE-2024-50061 affects the Linux kernel’s i3c: master cdns_i3c_master driver. The root cause is a use-after-free race: cdns_i3c_master_hj_work scheduled in cdns_i3c_master_probe can run after cdns_i3c_master_remove frees master->base via i3c_master_unregister. The documented fix is to cancel t...