46 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Validates the persistent meta-data subbuf array The meta-data for a mapped ring buffer contains an array of indexes to all subbuffers. The first entry represents the “reader page,” and the remaining entries specify t...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Firmware: armffa: Fixed FFA device names for logical partitions Each physical partition can provide multiple services, each with a unique UUID. Each such service can be represented as a logical partition with a unique combination...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006780)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006780 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't fail inserts if duplicate has expired nftables selftests fail:...
EUVD-2026-2054
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
EUVD-2026-1581
When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...
EUVD-2026-0467
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
SUSE CVE-2025-68354
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...
EUVD-2025-205100
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...
EUVD-2025-205164
In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in inetdelifa I got the below warning when do fuzzing test: unregisternetdevice: waiting for bond0 to become free. Usage count = 2 It can be repoduced via: ip link add bond0 type bond sysctl -w...
AZL-73060 CVE-2025-68354 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...
CVE-2025-68354
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...
CVE-2025-68354 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...
CVE-2025-68354
CVE-2025-68354 affects the Linux kernel regulator core. The vulnerability occurred because regulator_supply_alias_list was accessed without locking during regulator_supply_alias(), regulator_register_supply_alias(), and regulator_unregister_supply_alias(), allowing race conditions that could caus...
CVE-2025-68354 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex
In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...
Linux Distros Unpatched Vulnerability : CVE-2025-68354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias,...
PT-2025-52890
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a flaw in the regulator core where the regulator supply alias list was accessed without proper locking mechanisms. This lack of locking could lead to several...
EUVD-2025-204721
In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platformsetdrvdata and devsetdrvdata. They both are of the same data and overrides each other. This resulted in the rmmod of the svc driver to...
EUVD-2025-202890
OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...
EUVD-2025-201102
Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.7rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client...
CVE-2025-11936
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...