Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: Fixed the size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but are written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG...

CVE-2026-31542

A flaw was found in the Linux kernel's x86/platform/uv component. When a socket is deconfigured, it is incorrectly mapped to SOCKEMPTY instead of NUMANONODE. This improper handling can lead to a system panic during the allocation of UV hub information structures, resulting in a Denial of Service...

CVE-2026-31542

CVE-2026-31542 affects the Linux kernel x86/platform/uv component. When a socket is deconfigured, it is mapped to SOCK_EMPTY (0xffff) instead of NUMA_NO_NODE, causing a panic during allocation of UV hub info structures and potentially DoS. The fixes patch the behavior to allocate on valid NUMA no...

PT-2026-34894

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Handle deconfigured sockets When a socket is deconfigured, it's mapped to SOCK EMPTY 0xffff. This causes a panic while allocating UV hub info structures. Fix this by using NUMA NO NODE, allowing UV hub info...

EUVD-2025-13157

Malicious code in bioql PyPI...

CVE-2023-53108

In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dma-kmalloc-64 Not...

CVE-2023-53108

CVE-2023-53108 – Linux kernel (net/iucv) : The vulnerability arises from incorrect sizing of iucv_irq_data, which must be 4 bytes larger. The under-allocation can permit a Redzone/heap corruption (dma-kmalloc-64) during iucv_init/cpu hotplug flow, with objects showin g incomplete frees in the obs...

CVE-2024-8889 Improper Input Validation vulnerability on CIRCUTOR TCP2RS+

Vulnerability in CIRCUTOR TCP2RS+ firmware version 1.3b, which could allow an attacker to modify any configuration value, even if the device has the user/password authentication option enabled, without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the...

CVE-2024-8889

CVE-2024-8889 affects CIRCUTOR TCP2RS+ firmware v1.3b. The root cause is improper input validation that lets an attacker modify any configuration value via UDP port 2000 without authentication, even if user/password is enabled, deconfiguring the device and causing it to be unusable. The issue imp...

PT-2024-39301 · Circutor · Circutor Tcp2Rs+

Name of the Vulnerable Software and Affected Versions: CIRCUTOR TCP2RS+ version 1.3b Description: The issue allows an attacker to modify any configuration value without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use,...

CVE-2024-26812 vfio/pci: Create persistent INTx handler

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL context through the...

kernel: net/iucv: Fix size of interrupt data

In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG dma-kmalloc-64 Not...