Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: sm712fb: Fixed a crash in smtcfbwrite When the sm712fb driver writes three bytes to the framebuffer, the driver crashes. The issue is due to an inability to handle a page fault for the address: ffffc90001ffffff. RIP...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: chemical: sps30i2c: fix the buffer size in sps30i2creadmeas The value of sizeofnum is evaluated as sizeofsizet 8 bytes on 64-bit systems, instead of the intended be32 element size 4 bytes. Use sizeofmeas to correctly match t...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Fix uprobes for big-endian kernels The arm64 uprobes code is broken for big-endian kernels as it doesn't convert the in-memory instruction encoding which is always little-endian into the kernel's native endianness...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: A buffer overflow issue has been fixed in the configuration retrieval process. The scarlett2usbgetconfig function contains a logical error in the endianness conversion code. This can lead to buffer overflows when...

CVE-2026-43070

In the Linux kernel, the following vulnerability has been resolved: bpf: Reset register ID for BPFEND value tracking When a register undergoes a BPFEND byte swap operation, its scalar value is mutated in-place. If this register previously shared a scalar ID with another register e.g., after an r1...

Astra Linux - уязвимость в xorg-server, xwayland

A heap-based buffer overflow vulnerability was discovered in the X.org server’s ProcXIGetSelectedEvents function. This issue occurs when length values that are swapped in bytes are used in replies. This can potentially lead to memory leakage and segmentation faults, especially when triggered by a...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fixed out-of-bounds accesses in RX fixup The function aqc111rxfixup contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device. Specifically: - The metadata array...

Astra Linux - уязвимость в xorg-server, xwayland

A heap-based buffer overflow vulnerability was discovered in the X.org server’s ProcXIPassiveGrabDevice function. This issue occurs when length values that are swapped in bytes are used in responses, potentially leading to memory leakage and segmentation faults, especially when triggered by a...

SUSE CVE-2026-31690

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

CVE-2026-31690

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

CVE-2026-31690

CVE-2026-31690 affects the Linux kernel TH1520 AON firmware protocol driver. The issue combined a potential buffer overflow from unsafe pointer arithmetic when accessing the 'mode' field via a resource offset, and the use of custom RPC_SET_BE*/RPC_GET_BE* macros replaced with standard endianness ...

CVE-2026-31690 firmware: thead: Fix buffer overflow and use standard endian macros

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

EUVD-2026-25887

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

PT-2026-35496

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005597)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005597 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Fix uprobes for big-endian kernels The arm64 uprobes code is broken for big-endia...

SUSE-SU-2026:20516-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. - CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero ...

SUSE-SU-2026:20512-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: - CVE-2025-38111: net/mdiobus: Fix potential out-of-bounds read/write access bsc1249455. - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers an...

SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:0487-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0487-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.3 fixes various security issues The following security issues were fixed: -...

SUSE-SU-2026:0489-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. - CVE-2025-39742: RDMA: hfi1: fix possible...

SUSE CVE-2026-23078

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Fix buffer overflow in config retrieval The scarlett2usbgetconfig function has a logic error in the endianness conversion code that can cause buffer overflows when count 1. The code checks if size == 2 where size...