Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: Resource: Fix for regionintersects vs. addmemorydrivermanaged On a system with CXL memory, the resource tree /proc/iomem related to CXL memory may look like this: 490000000-50fffffff : CXL Window 0 490000000-50fffffff : region0...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38072)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38072 advisory. - In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in...

UBUNTU-CVE-2023-54323

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxlpci; modprobe -r cxlpci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereference, address: 0000000000000040...

OESA-2025-2882 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:tcpmetrics: validate source addr lengthI don t see anything checking that TCPMETRICSATTRSADDRIPV4is at least 4 bytes long, and the policy doesn t have an entryfor...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-408758)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-408758 advisory. In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the resourc...

EUVD-2025-18581

Malicious code in bioql PyPI...

SUSE SLES12 Security Update : kernel (SUSE-SU-2025:02846-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02846-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

CVE-2025-38252 cxl/ras: Fix CPER handler device confusion

In the Linux kernel, the following vulnerability has been resolved: cxl/ras: Fix CPER handler device confusion By inspection, cxlcperhandleproterr is making a series of fragile assumptions that can lead to crashes: 1/ It assumes that endpoints identified in the record are a CXL-type-3 device,...

CVE-2025-38072

In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in ndlabeldatainit If a faulty CXL memory device returns a broken zero LSA size in its memory device information Identify Memory Device Opcode 4000h, CXL spec. 3.1, 8.2.9.9.1.1, a divide error...

SUSE CVE-2025-38072

In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in ndlabeldatainit If a faulty CXL memory device returns a broken zero LSA size in its memory device information Identify Memory Device Opcode 4000h, CXL spec. 3.1, 8.2.9.9.1.1, a divide error...

CVE-2025-38072

In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in ndlabeldatainit If a faulty CXL memory device returns a broken zero LSA size in its memory device information Identify Memory Device Opcode 4000h, CXL spec. 3.1, 8.2.9.9.1.1, a divide error...

CVE-2025-38072 libnvdimm/labels: Fix divide error in nd_label_data_init()

In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in ndlabeldatainit If a faulty CXL memory device returns a broken zero LSA size in its memory device information Identify Memory Device Opcode 4000h, CXL spec. 3.1, 8.2.9.9.1.1, a divide error...

CVE-2025-38072 libnvdimm/labels: Fix divide error in nd_label_data_init()

In the Linux kernel, the following vulnerability has been resolved: libnvdimm/labels: Fix divide error in ndlabeldatainit If a faulty CXL memory device returns a broken zero LSA size in its memory device information Identify Memory Device Opcode 4000h, CXL spec. 3.1, 8.2.9.9.1.1, a divide error...

CVE-2025-38072

CVE-2025-38072 affects the Linux kernel in the libnvdimm/labels component. A faulty CXL memory device can report a zero LSA size, causing config_size to be zero and leading to max_xfer being zero. This triggers a division by zero in the nd_label_data_init/label handling flow (divide error in libn...

kernel: resource: fix region_intersects() vs add_memory_driver_managed()

In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the resource tree /proc/iomem related to CXL memory may look like something as follows. 490000000-50fffffff : CXL Window 0 490000000-50fffffff ...

CVE-2022-49896

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix cxlpmemregion and cxlmemdev leak When a cxlnvdimm object goes through a -remove event device physically removed, nvdimm-bridge disabled, or nvdimm device disabled, then any associated regions must also be disabled. ...

PT-2025-25846

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A divide error occurs in the libnvdimm driver when a faulty CXL memory device returns a broken zero LSA size in its memory device information. This error happens because the config size ...

Linux Distros Unpatched Vulnerability : CVE-2024-49878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs addmemorydrivermanaged On a system with CXL memory, the...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-49878)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49878 advisory. - In the Linux kernel, the following vulnerability has been resolved: resource: fix regionintersects vs...

CVE-2024-50303

In the Linux kernel, the following vulnerability has been resolved: resource,kexec: walksystemramresrev must retain resource flags walksystemramresrev erroneously discards resource flags when passing the information to the callback. This causes systems with IORESOURCESYSRAMDRIVERMANAGED memory to...