27 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in devicepmcheckcallbacks The function devicepmcheckcallbacks can be called under the spin lock in the reported case, it happens from genpdadddevice - devpmdomainset, when the genpd uses spinlocks rather...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fixed a potential UAF issue in OPP handling. Ensured that all required data is acquired before calling devpmoppputop, to maintain the correct order of resource acquisition and release...
EUVD-2025-209967
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpmon When autosuspend is triggered, driver rpmon flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command durin...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990090)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990090 advisory. In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in devicepmcheckcallbacks The function devicepmcheckcallbacks can be...
CVE-2023-53670
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix devpmqos memleak Call devpmqoshidelatencytolerance in the error unwind patch to avoid following kmemleak:- blktests master kmemleak-clear; ./check nvme/044; blktests master kmemleak-scan ; kmemleak-show nvme/044 Te...
EUVD-2021-20806
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2015-3854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - packages/SystemUI/src/com/android/systemui/power/PowerNotificationWarnings.java in Android 5.x allows attackers to bypass a DEVICEPOWER permission requirement v...
CVE-2025-38010 phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking
In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking The current implementation uses biaspadenable as a reference count to manage the shared bias pad for all UTMI PHYs. However, during system suspension with connecte...
CVE-2025-40556
A vulnerability has been identified in BACnet ATEC 550-440 All versions, BACnet ATEC 550-441 All versions, BACnet ATEC 550-445 All versions, BACnet ATEC 550-446 All versions. Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the sa...
PT-2025-20864 · Unknown · Bacnet Atec 550-441 +3
Name of the Vulnerable Software and Affected Versions: BACnet ATEC 550-440 All versions BACnet ATEC 550-441 All versions BACnet ATEC 550-445 All versions BACnet ATEC 550-446 All versions Description: A vulnerability has been identified in the affected devices, which improperly handle specific...
CVE-2025-24341
The CVE-2025-24341 vulnerability affects the web application of ctrlX OS. A remote authenticated (low-privileged) attacker can induce a Denial-of-Service (DoS) on the device by sending multiple crafted HTTP requests, with the worst case requiring a full power cycle to regain control. According to...
Vulnerability of the dev_pm_skip_resume() function in the drivers/base/power/main.c module – a driver for kernel-based PCI devices in the Linux operating system, which allows a hacker to trigger a service failure.
Vulnerability of the devpmskipresume function in the drivers/base/power/main.c module – The Linux kernel’s bus device support driver is vulnerable to synchronization errors when using shared resources. Exploiting this vulnerability could allow an attacker to cause a service failure...
SUSE CVE-2022-49175
In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in devicepmcheckcallbacks The function devicepmcheckcallbacks can be called under the spin lock in the reported case it happens from genpdadddevice - devpmdomainset, when the genpd uses spinlocks rather...
SUSE CVE-2022-49496
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: prevent kernel crash when rmmod mtk-vcodec-dec.ko If the driver support subdev mode, the parameter "dev-pm.dev" will be NULL in mtkvcodecdecremove. Kernel will crash when try to rmmod mtk-vcodec-dec.ko...
DEBIAN-CVE-2022-49175
In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in devicepmcheckcallbacks The function devicepmcheckcallbacks can be called under the spin lock in the reported case it happens from genpdadddevice - devpmdomainset, when the genpd uses spinlocks rather...
CVE-2023-38297
An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup versionCode='3', versionName='2.1...
The vulnerability of the idxd component in the Linux operating system’s kernel allows a hacker to execute arbitrary code.
The vulnerability of the idxd component in the Linux operating system’s kernel allows for modifications to be made when the device is turned on, but the wq function is disabled. Exploiting this vulnerability could enable a perpetrator to execute arbitrary code...
PT-2024-19148 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue concerns an out-of-bounds OOB read in a plugin, which can lead to memory disclosure within the power management subsystem of a device. Recommendations: At the moment, there is...
CVE-2023-47354
An issue in the PowerOffWidgetReceiver function of Super Reboot Root Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent...
CVE-2023-45844
The vulnerability allows a low privileged user that have access to the device when locked in Kiosk mode to install an arbitrary Android application and leverage it to have access to critical device settings such as the device power management or eventually the device secure settings ADB debug...