Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fixed the warning when removing the module When removing the module, the following warning will appear: 14.746697 removeprocentry: Removing the non-empty directory ‘irq/21’; data is being leaked at least from...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the JWT verification process. An attacker can gain unauthorized enrollment of rogue devices by submitting a forged JWT with arbitrary identity claims, as the system fails to verify th...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988985)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988985 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get th...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989651 advisory. In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get th...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988800)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988800 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987521 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call...

SunPower PVS6

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain full access to the device, enabling them to replace firmware, modify settings, disable the device, create SSH tunnels, and manipulate attached devices. 2. RECOMMENDED PRACTICES CISA recommends users take...

SUSE CVE-2022-49314

In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call pcireleaseregions and pcidisabledevice to recycle the resource previously allocated...

SUSE CVE-2022-49525

In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get the following warning: 14.746697 removeprocentry: removing non-empty directory 'irq/21', leaking at least 'cx258211' 14.747449 WARNING...

CVE-2022-49460

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399dmc: Disable edev on remove Otherwise we hit an unablanced enable-count when unbinding the DFI device: 1279.659119 ------------ cut here ------------ 1279.659179 WARNING: CPU: 2 PID: 5638 at...

UBUNTU-CVE-2022-49314

In the Linux kernel, the following vulnerability has been resolved: tty: Fix a possible resource leak in icomprobe When pcireadconfigdword failed, call pcireleaseregions and pcidisabledevice to recycle the resource previously allocated...

UBUNTU-CVE-2024-50093

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processorthermal driver uses pcimdeviceenable to enable a PCI device, which means the device will be automatically disabled on driver detach. Thus there is ...

DEBIAN-CVE-2022-48894

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommudeviceunregister from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

xorg-x11-server: heap buffer overflow in DisableDevice

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

OESA-2024-1102 xorg-x11-server security update

X.Org X11 X server Security Fixes: A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's...

wagtail-2fa authorization issue vulnerability

wagtail-2fa is a two-factor authentication software package. An authorization issue vulnerability exists in versions prior to wagtail-2fa 1.4.1, which stems from the program's failure to request specific permissions for the view and delete functions of another user's 2FA device, which can be...

CVE-2018-18878

In firmware version MS2.6.9900 of Columbia Weather MicroServer, the BACnet daemon does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable...