Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: The error code in mchpeicdomainalloc has been fixed. If irqdomaintranslatetwocell sets “hwirq” to = MCHPEICNIRQ 2, it may lead to an out-of-bounds access. The code checks for invalid values, but does not set the...

irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()

...

CVE-2025-68766

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets "hwirq" to = MCHPEICNIRQ 2 then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code...

UBUNTU-CVE-2025-68766

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets "hwirq" to = MCHPEICNIRQ 2 then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code...

CVE-2025-68766

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets "hwirq" to = MCHPEICNIRQ 2 then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code...

CVE-2025-68766 irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets "hwirq" to = MCHPEICNIRQ 2 then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code...

CVE-2025-68766

CVE-2025-68766 is fixed in the Linux kernel for SUSE/openSUSE advisories. The issue occurs in irqchip/mchp-eic: if irq_domain_translate_twocell() sets hwirq to a value >= MCHP_EIC_NIRQ (2), the code may access out of bounds. The root cause is that validity checks exist but the error code is no...

CVE-2025-68766 irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets "hwirq" to = MCHPEICNIRQ 2 then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code...

CVE-2025-68766

In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets "hwirq" to = MCHPEICNIRQ 2 then it results in an out of bounds access. The code checks for invalid values, but doesn't set the error code...

PT-2026-1254

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel’s irqchip/mchp-eic component where an out-of-bounds access can occur in the mchp eic domain alloc function. Specifically, if the irq domain translate...

Linux Distros Unpatched Vulnerability : CVE-2025-68766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - irqchip/mchp-eic: Fix error code in mchpeicdomainalloc If irqdomaintranslatetwocell sets hwirq to = MCHPEICNIRQ 2 then it results in an out of bounds access. Th...

eic-book.com Cross Site Scripting vulnerability OBB-3836123

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-23856

An issue was discovered in Saviynt Enterprise Identity Cloud EIC 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI...

Authentication flaw

An issue was discovered in Saviynt Enterprise Identity Cloud EIC 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account...

Code injection

An issue was discovered in Saviynt Enterprise Identity Cloud EIC 5.5 SP2.x. An attacker can enumerate users by changing the id parameter, such as for the ECM/maintenance/forgotpasswordstep1 URI...

CVE-2022-23855

An issue was discovered in Saviynt Enterprise Identity Cloud EIC 5.5 SP2.x. An authentication bypass in ECM/maintenance/forgotpasswordstep1 allows an unauthenticated user to reset passwords and login as any local account...

CVE-2022-23855

Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x contains an authentication bypass in ECM/maintenance/forgotpasswordstep1 that allows an unauthenticated user to reset passwords and log in as any local account. Root cause: bypass in forgotpasswordstep1. Publicly available fix details are not prov...

CVE-2022-23856

CVE-2022-23856 affects Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. The issue is due to allowing an attacker to enumerate users by manipulating the id parameter in the ECM/maintenance/forgotpasswordstep1 endpoint. The vulnerability arises from improper validation/handling of the id paramete...

CVE-2021-34683

An issue was discovered in EXCELLENT INFOTEK CORPORATION EIC E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/getuseremailinfobbs.asp to obtain the contact information name and e-mail address of everyone in the entire organization. This information can allow remote attackers to...

Information disclosure

An issue was discovered in EXCELLENT INFOTEK CORPORATION EIC E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/getuseremailinfobbs.asp to obtain the contact information name and e-mail address of everyone in the entire organization. This information can allow remote attackers to...