26 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Fixed memory leak This checks whether CONFIGDEVCOREDUMP is enabled before attempting to clone the skb, and also ensures that btmtkprocesscoredump frees the skb following the same logic...
USN-8184-1: Linux kernel (Real-time) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8177-1 linux, linux-realtime vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8116-1: Linux kernel (Intel IoTG Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - ATM...
USN-8095-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...
CVE-2022-50734 nvmem: core: Fix memleak in nvmem_register()
In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmemregister devsetname will alloc memory for nvmem-dev.kobj.name in nvmemregister, when nvmemvalidatekeepouts failed, nvmem's memory will be freed and return, but nobody will free memory for...
USN-7909-5: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...
USN-7909-5 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...
USN-7909-3: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...
USN-7879-2 linux-realtime-6.14 vulnerabilities
It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...
AlmaLinux 9 : kernel (ALSA-2025:17760)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17760 advisory. kernel: HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 kernel: eventpoll: Fix semi-unbounded recursion CVE-2025-38614 kernel: ALSA:...
EUVD-2025-27921
Malicious code in bioql PyPI...
EUVD-2022-55003
Malicious code in bioql PyPI...
Ubuntu 25.04 : Linux kernel (Azure) vulnerabilities (USN-7721-1)
"The remote Ubuntu 25.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7721-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in th...
SUSE CVE-2025-38592
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcidevcddump: fix out-of-bounds via devcoredumpv Currently both devcoredumpv and skbputdata in hcidevcddump use hdev-dump.head. However, devcoredumpv can free the buffer. From devcoredumpmtimeout documentation, which i...
CVE-2025-38592
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcidevcddump: fix out-of-bounds via devcoredumpv Currently both devcoredumpv and skbputdata in hcidevcddump use hdev-dump.head. However, devcoredumpv can free the buffer. From devcoredumpmtimeout documentation, which i...
USN-7303-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...
CVE-2022-49223
The CVE-2022-49223 issue affects the Linux kernel, in the cxl/port path within cxl_core. The root cause is a use-after-free risk in cxl_decoder_release() when it dereferences its parent cxl_port to return an ID to port->decoder_ida, highlighting that the device core only guarantees parent life...
CVE-2022-49223
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...
CVE-2022-49223 cxl/port: Hold port reference until decoder release
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...