Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: mfd: davincivoicecodec: Fixed a possible nullptrderef issue in davincivcprobe. This issue could lead to a nullptrderef when using ‘res’. If platformgetresource returns NULL, moving using ‘res’ after devmioremapresource will preve...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevents the transmitted data size from exceeding the length of sgm. No check is performed on the size of the data to be transmitted. This can lead to a kernel panic when the transmitted data size exceeds the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs The value of pdata-gpiounbanked is retrieved from the Device Tree. If the Device Tree is corrupted due to any error, this value can be arbitrary. Without this value validation,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Do not use the strip and remove functions when the driver is built-in. Using exit for the remove function causes the remove callback to be discarded when CONFIGMMCDAVINCI=y. When such a device becomes unbound e.g.,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: clk: davinci: A NULL check has been added in davincilpscclkregister. devmkasprintf returns NULL when memory allocation fails. Currently, davincilpscclkregister does not check for this case, resulting in a NULL pointer being...

ROS-20260324-73-0034

A vulnerability in the davinci component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability allows an attacker to cause a denial of service...

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005068)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005068 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: davinci: Don't strip remove function when driver is builtin Using exit for the remove functi...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004948)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004948 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davincilpscclkregister devmkasprintf returns NULL when memory...

CVE-2023-31847

In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side...

EUVD-2023-60064

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peerid find ath12kpeerfindbyid requires that the caller hold the ab-baselock. Currently the WBM error path does not hold the lock and calling that function, leads to the following lockdepassertin...

OESA-2025-2773 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: media: davinci: vpif: fix use-after-free on driver unbind The driver allocates and registers two platform device structures during probe, but the devices were...

Siemens SCALANCE and RUGGEDCOM Devices Allocation of Resources Without Limits or Throttling (CVE-2024-39484)

mmc: davinci: Vulnerability from resource leaks. Using exit for the remove function results in the remove callback being discarded with CONFIGMMCDAVINCI=y. When such a device gets unbound e.g. using sysfs or hotplug, the driver is just removed without the cleanup being performed. This plugin only...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990407)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990407 advisory. In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs Value of pdata-gpiounbanked is taken from...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989625 advisory. In the Linux kernel, the following vulnerability has been resolved: mfd: davincivoicecodec: Fix possible null-ptr-deref davincivcprobe It will cause null-ptr-deref...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988687)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988687 advisory. In the Linux kernel, the following vulnerability has been resolved: mfd: davincivoicecodec: Fix possible null-ptr-deref davincivcprobe It will cause null-ptr-deref...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990164 advisory. In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs Value of pdata-gpiounbanked is taken from...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990344)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990344 advisory. In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs Value of pdata-gpiounbanked is taken from...

EUVD-2022-54794

In the Linux kernel, the following vulnerability has been resolved: mfd: davincivoicecodec: Fix possible null-ptr-deref davincivcprobe It will cause null-ptr-deref when using 'res', if platformgetresource returns NULL, so move using 'res' after devmioremapresource that will check it to avoid...

Linux Distros Unpatched Vulnerability : CVE-2023-53544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufrequnregisterdriver. If one of the cpufreq callbacks i...