38 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: chardev: Fixed error handling in cdevdeviceadd. While performing fault injection tests, the following issue was reported: ------------ Cut here ------------ kobject: “null” 0000000039956980: Not initialized, yet kobjectput is bei...
CVE-2026-43447
Summary: CVE-2026-43447 affects the Linux kernel iavf driver. A race condition arises when a PTP worker that caches PHC time is not stopped during adapter reset/disable, potentially freeing AQ-backed resources while the worker runs. If the worker calls into ptp commands during teardown, memory/lo...
PT-2026-39108
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the iavf driver. A worker introduced to cache PHC PTP Hardware Clock time is not stopped during reset or disable operations. This creates a race conditio...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006889)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006889 advisory. In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011109)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011109 advisory. In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel...
Linux Distros Unpatched Vulnerability : CVE-2026-34177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmo...
CVE-2026-34177
Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote...
PT-2026-31595
Name of the Vulnerable Software and Affected Versions Canonical LXD versions 4.12 through 6.7 Description Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in the isVMLowLevelOptionForbidden function lxd/project/limits/permissions.go. This denylist omits raw.apparmor and...
SUSE-SU-2026:0350-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50282: chardev: fix error handling in cdevdeviceadd bsc1249739. - CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. - CVE-2022-50700:...
ROS-20260128-73-0026
A vulnerability in the drivers/platform/chrome/crosecchardev.c module of the Linux kernel is related to insufficient protection of service data. Exploitation of the vulnerability could allow an attacker to disclose protected information...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992841)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992841 advisory. In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the followin...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992306)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992306 advisory. In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the followin...
EUVD-2022-55573
Malicious code in bioql PyPI...
SUSE CVE-2022-50282
In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the following report: ------------ cut here ------------ kobject: 'null' 0000000039956980: is not initialized, yet kobjectput is being called...
DEBIAN-CVE-2022-50282
In the Linux kernel, the following vulnerability has been resolved: chardev: fix error handling in cdevdeviceadd While doing fault injection test, I got the following report: ------------ cut here ------------ kobject: 'null' 0000000039956980: is not initialized, yet kobjectput is being called...
CVE-2025-37985 USB: wdm: close race between wdm_open and wdm_wwan_port_stop
In the Linux kernel, the following vulnerability has been resolved: USB: wdm: close race between wdmopen and wdmwwanportstop Clearing WDMWWANINUSE must be the last action or we can open a chardev whose URBs are still poisoned...
SUSE CVE-2023-53059
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...
DEBIAN-CVE-2023-53059
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...
UBUNTU-CVE-2023-53059
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...
kernel: platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insize in struct croseccommand1 when invoking EC host commands. Fix it by using zeroed memory. 1:...