Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: vduse: Fixed NULL pointer dereferencing during sysfs access. The control device does not have a drvdata field. Therefore, a NULL pointer dereferencing will occur when accessing the msgtimeout attribute of the control device via...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 socdevattr fixed to register the soc as a device, kernel will experience an oops in socdevicematchattr This quirk test was introduced in the staging driver in comm...

EUVD-2025-12908

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-21915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cdx: Fix possible UAF error in driveroverrideshow Fixed a possible UAF problem in driveroverrideshow in drivers/cdx/cdx.c This function driveroverrideshow is pa...

CVE-2025-37800

CVE-2025-37800 targets the Linux kernel driver core. A potential NULL pointer dereference in dev_uevent() could occur if userspace reads a uevent attribute while another thread unbinds the device, changing dev->driver from a valid pointer to NULL. The fix uses READ_ONCE() when fetching the dri...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unchecked optional device attribute that could lead to a null pointer dereference...

DEBIAN-CVE-2022-49868

In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 socdevattr fixed to register the soc as a device, kernel will experience an oops in socdevicematchattr This quirk test was introduced in the staging driver in comm...

SUSE CVE-2025-21915

In the Linux kernel, the following vulnerability has been resolved: cdx: Fix possible UAF error in driveroverrideshow Fixed a possible UAF problem in driveroverrideshow in drivers/cdx/cdx.c This function driveroverrideshow is part of DEVICEATTRRW, which includes both driveroverrideshow and...

DEBIAN-CVE-2025-21915

In the Linux kernel, the following vulnerability has been resolved: cdx: Fix possible UAF error in driveroverrideshow Fixed a possible UAF problem in driveroverrideshow in drivers/cdx/cdx.c This function driveroverrideshow is part of DEVICEATTRRW, which includes both driveroverrideshow and...

CVE-2022-49329 vduse: Fix NULL pointer dereference on sysfs access

In the Linux kernel, the following vulnerability has been resolved: vduse: Fix NULL pointer dereference on sysfs access The control device has no drvdata. So we will get a NULL pointer dereference when accessing control device's msgtimeout attribute via sysfs: 132.841881 T3644 BUG: kernel NULL...

DEBIAN-CVE-2022-48952

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

UBUNTU-CVE-2022-48952

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

CVE-2024-44952

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-44952

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-44952

CVE-2024-44952 is associated with Siemens SCALANCE and RUGGEDCOM devices (OT environment). The issue is described as an improper locking that could lead to a deadlock in driver core during device detachment/attribute handling. The cited advisory fixes the problem by using synchronize_rcu() to pre...

UBUNTU-CVE-2024-35790

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group The DisplayPort driver's sysfs nodes may be present to the userspace before typecaltmodesetdrvdata completes in dpaltmodeprobe. This...

CVE-2024-35790

CVE-2024-35790 in the Linux kernel : The issue was in the DisplayPort/USB Type-C subsystem where sysfs nodes could be exposed before the driver finished setup, risking NULL pointer dereferences in hpd_show/pin_assignment_show due to dev_get_drvdata() returning NULL. The fix removes manual sysfs n...