Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: armffa: Fixed FFA device names for logical partitions Each physical partition can provide multiple services, each with a unique UUID. Each such service can be represented as a logical partition with a unique combination...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Ring-buffer: Validates the persistent meta-data subbuf array The meta-data for a mapped ring buffer contains an array of indexes to all subbuffers. The first entry represents the “reader page,” and the remaining entries specify t...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006780)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006780 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't fail inserts if duplicate has expired nftables selftests fail:...

EUVD-2026-3355

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

EUVD-2026-2054

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

EUVD-2026-1581

When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...

EUVD-2026-0467

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

SUSE CVE-2025-68354

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

EUVD-2025-205100

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

EUVD-2025-205164

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in inetdelifa I got the below warning when do fuzzing test: unregisternetdevice: waiting for bond0 to become free. Usage count = 2 It can be repoduced via: ip link add bond0 type bond sysctl -w...

AZL-73060 CVE-2025-68354 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

CVE-2025-68354

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

CVE-2025-68354 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

CVE-2025-68354 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

CVE-2025-68354

CVE-2025-68354 affects the Linux kernel regulator core. The vulnerability occurred because regulator_supply_alias_list was accessed without locking during regulator_supply_alias(), regulator_register_supply_alias(), and regulator_unregister_supply_alias(), allowing race conditions that could caus...

PT-2025-52890

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a flaw in the regulator core where the regulator supply alias list was accessed without proper locking mechanisms. This lack of locking could lead to several...

Linux Distros Unpatched Vulnerability : CVE-2025-68354

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias,...

EUVD-2025-204721

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platformsetdrvdata and devsetdrvdata. They both are of the same data and overrides each other. This resulted in the rmmod of the svc driver to...

EUVD-2025-202890

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

EUVD-2025-201102

Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.7rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client...