Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since the commit a3c53be55c95 “net: dsa: mv88e6xxx: Support multiple MDIO buses“”, the function mv88e6xxxdefaultmdiobus has checked that the return value of listfirstentry is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Ensure that the list is non-empty before using listfirstentry in kfdtopology.c. Before using listfirstentry, make sure that the list is not empty; if the list is empty, return -ENODATA. The following issues have al...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mlxsw: spectrumacltcam: Fixed incorrect use of the list API. Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call listfirstentry on the respective...

EUVD-2025-208367

An administrator may attempt to block all traffic by configuring a pass filter with an empty table. However, in UBR, an empty list does not enforce any restrictions and allows all network traffic to pass unfiltered...

EUVD-2025-208366

An administrator may attempt to block all traffic by configuring a pass filter with an empty table. However, in UBR, an empty list does not enforce any restrictions and allows all network traffic to pass unfiltered...

PT-2026-24030

An administrator may attempt to block all traffic by configuring a pass filter with an empty table. However, in UBR, an empty list does not enforce any restrictions and allows all network traffic to pass unfiltered...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42224)

net: dsa: mv88e6xxx: wrong check on empty list. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504568; scriptversion"1.2";...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990624 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 net: dsa: mv88e6xxx:...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990272 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 net: dsa: mv88e6xxx:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989967)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989967 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 net: dsa: mv88e6xxx:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986542)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986542 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Correct check for empty list Since commit a3c53be55c95 net: dsa: mv88e6xxx:...

EUVD-2025-19733

Malicious code in bioql PyPI...

EUVD-2025-30347

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-39853

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty listfirstentry never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory access when dereferenced. Fi...

Buffer overread when using an empty list with SSLContext.set_npn_protocols()

...

drm/amdgpu: add list empty check to avoid null pointer issue

...

SUSE CVE-2025-38092

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull to check if the list is empty...

DEBIAN-CVE-2025-38092

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull to check if the list is empty...

UBUNTU-CVE-2025-38092

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use listfirstentryornull for opinfogetlist The listfirstentry macro never returns NULL. If the list is empty then it returns an invalid pointer. Use listfirstentryornull to check if the list is empty...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check if a list is empty, which could lead to invalid pointer references...