39 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-52978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: psp: require admin permission for dev-set and key-rotate The dev-set and key-rotate netlink operations modify shared device state PSP version configuration...
EUVD-2026-38846
In the Linux kernel, the following vulnerability has been resolved: net: psp: require admin permission for dev-set and key-rotate The dev-set and key-rotate netlink operations modify shared device state PSP version configuration and cryptographic key material, respectively but do not require...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: Do not leak memory if devsetname fails. When devsetname fails, zcdncreate does not free the newly allocated resources. Fix this issue...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed the NULL pointer dereference in the route error path of ipv4 null-ptr-deref. The IPv4 code path in ipvsgetoutrt calls dstlinkfailure, without ensuring that skb-dev is set. This leads to a NULL pointer dereference in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvmem: core: fix cleanup after devsetname If devsetname fails, we may leak nvmem-wpgpio because the cleanup does not handle it properly. While a minimal fix would be to add the gpiodput call, we can improve the situation by...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rtc: class: Fix potential memleak in devmrtcallocatedevice devmrtcallocatedevice will alloc a rtcdevice first, and then run devsetname. If devsetname failed, the rtcdevice will memleak. Move devmaddactionorreset in front of...
EUVD-2026-28761
In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013502)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013502 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix cleanup after devsetname If devsetname fails, we leak nvmem-wpgpio as the cleanu...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010815)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010815 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix cleanup after devsetname If devsetname fails, we leak nvmem-wpgpio as the cleanu...
SUSE CVE-2025-68813
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...
CVE-2025-68813 ipvs: fix ipv4 null-ptr-deref in route error path
In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...
SUSE CVE-2023-54017
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebusbusinit If deviceregister returns error in ibmebusbusinit, name of kobject which is allocated in devsetname called in deviceadd is leaked. As comment of deviceadd says, it shoul...
EUVD-2025-124943
In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netifwakequeue in rtl8150setmulticast syzbot reported WARNING in rtl8150startxmit/usbsubmiturb. This is the sequence of events that leads to the warning: rtl8150startxmit netifstopqueue;...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989574)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989574 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iiosysfstriginit devsetname allocates memory for...
EUVD-2023-60040
Nagios XI versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
Linux Distros Unpatched Vulnerability : CVE-2023-53568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if devsetname fails When devsetname fails, zcdncreate doesn't...
SUSE CVE-2023-53568
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if devsetname fails When devsetname fails, zcdncreate doesn't free the newly allocated resources. Do it...
CVE-2023-53568
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if devsetname fails When devsetname fails, zcdncreate doesn't free the newly allocated resources. Do it...
CVE-2023-53568 s390/zcrypt: don't leak memory if dev_set_name() fails
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if devsetname fails When devsetname fails, zcdncreate doesn't free the newly allocated resources. Do it...
CVE-2023-53568 s390/zcrypt: don't leak memory if dev_set_name() fails
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if devsetname fails When devsetname fails, zcdncreate doesn't free the newly allocated resources. Do it...