Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: Boards: The issue of NULL pointer dereferencing in BYT/CHT boards has been fixed. Since commit 13f58267cda3 “ASoC: soc.h: Do not create dummy components via COMPDUMMY”, dummy codecs were declared as follows:...

Azure Linux 3.0 Security Update: kernel (CVE-2025-23157)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23157 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to...

EUVD-2025-13086

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-23157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi parser: A check was added to avoid out-of-bound access. There is a possibility that initcodecs may be invoked multiple times during manipulation of the payload from video firmware. In such cases, if codecscount...

SUSE CVE-2025-23157

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...

DEBIAN-CVE-2025-23157

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...

UBUNTU-CVE-2025-23157

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...

CVE-2025-23157

CVE-2025-23157 affects the Linux kernel’s media/venus/hfi_parser. Root cause: init_codecs can be invoked multiple times by manipulated video firmware payload, causing codecs_count to exceed MAX_CODEC_NUM and trigger an out-of-bounds access. The fix resets the counter to start from the beginning t...