Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HSI: ssiprotocol: Fixed a use-after-free vulnerability in the ssiProtocol Driver due to race conditions. In the ssiProtocolprobe function, &ssi-work is bound to ssipxmitwork. In ssippnsetup, the ssippnxmit function within the...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: In the tty subsystem, for the ngsm module, a race condition occurred during the modification of the status line of a dead connection. The gsmcleanupmux function cleans up the GSM-related resources by closing all Data Link Control...

CVE-2026-43473

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation o...

CVE-2022-50543 RDMA/rxe: Fix mr->map double free

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr-map double free rxemrcleanup which tries to free mr-map again will be called when rxemrinituser fails: CPU: 0 PID: 4917 Comm: rdmaflushserv Kdump: loaded Not tainted 6.1.0-rc1-roce-flush+ 25 Hardware name: QEMU...

EUVD-2025-12904

Malicious code in bioql PyPI...

CVE-2025-21661 gpio: virtuser: fix missing lookup table cleanups

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from...

AZL-54183 CVE-2024-53140 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps getti...

DEBIAN-CVE-2024-50061

In the Linux kernel, the following vulnerability has been resolved: i3c: master: cdns: Fix use after free vulnerability in cdnsi3cmaster Driver Due to Race Condition In the cdnsi3cmasterprobe function, &master-hjwork is bound with cdnsi3cmasterhj. And cdnsi3cmasterinterrupt can call...

DEBIAN-CVE-2023-52872

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix race condition in status line change on dead connections gsmcleanupmux cleans up the gsm by closing all DLCIs, stopping all timers, removing the virtual tty devices and clearing the data queues. This procedure,...

UBUNTU-CVE-2023-52872

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix race condition in status line change on dead connections gsmcleanupmux cleans up the gsm by closing all DLCIs, stopping all timers, removing the virtual tty devices and clearing the data queues. This procedure,...

CVE-2023-52872

CVE-2023-52872 affects the Linux kernel in the tty/n_gsm subsystem. A race condition during status line changes on dead connections in gsm_cleanup_mux() could lead to a kernel panic after the cleanup sequence closes DLCIs, stops timers, and clears queues, while the outgoing data queue continues t...

kernel: saa7134: race condition leading to use-after-free in saa7134_finidev()

A race condition was found in the Linux kernel's saa7134 device driver. This occurs when removing the module before cleanup in the saa7134finidev function which can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors...

InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1522 InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-29888 SUMMARY A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks...