Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fixed a reference leak in tegradsigangedprobe. The reference taken by offinddevicebynode must be released when it is no longer needed. Add a putdevice call to fix this issue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: leds: led-core: A reference count leak was fixed in ledget. The classfinddevicebyofnode function calls classfinddevice, which will hold a reference. The putdevice function is used to release the reference when no longer needed...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000220)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000220 advisory. fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfsverifydevextents NULL pointer dereference via a crafted btrfs image because fsdevices-devices is...

Linux Distros Unpatched Vulnerability : CVE-2023-54190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - leds: led-core: Fix refcount leak in ofledget classfinddevicebyofnode calls classfinddevice, it will take the reference, use the putdevice to drop the reference...

EUVD-2023-60451

In the Linux kernel, the following vulnerability has been resolved: leds: led-core: Fix refcount leak in ofledget classfinddevicebyofnode calls classfinddevice, it will take the reference, use the putdevice to drop the reference when not need anymore...

UBUNTU-CVE-2023-54190

In the Linux kernel, the following vulnerability has been resolved: leds: led-core: Fix refcount leak in ofledget classfinddevicebyofnode calls classfinddevice, it will take the reference, use the putdevice to drop the reference when not need anymore...

CVE-2023-54190

In CVE-2023-54190, the Linux kernel fixes a refcount leak in leds-core: of_led_get() where class_find_device_by_of_node() previously took a reference via class_find_device() and relied on put_device() to drop it. The vulnerability pertains to the LED subsystem's reference counting and has been mi...

CVE-2022-50777 net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe

In the Linux kernel, the following vulnerability has been resolved: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmiiprobe ofphyfinddevice return device node with refcount incremented. Call putdevice to relese it when not needed anymore...

PT-2025-53143

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the xgmiitorgmii probe function within the networking subsystem of the Linux kernel. The of phy find device function returns a device node with an...

Siemens SIMATIC Devices Use After Free (CVE-2025-21858)

geneve: Fix use-after-free in genevefinddev This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503396; scriptversion"1.2";...

SUSE CVE-2025-39876

In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fecenetphyresetafterclkenable The function ofphyfinddevice may return NULL, so we need to take care before dereferencing phydev...

CVE-2025-39876

In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fecenetphyresetafterclkenable The function ofphyfinddevice may return NULL, so we need to take care before dereferencing phydev...

AZL-67659 CVE-2025-39876 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fecenetphyresetafterclkenable The function ofphyfinddevice may return NULL, so we need to take care before dereferencing phydev...

CVE-2025-39876 net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable()

In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fecenetphyresetafterclkenable The function ofphyfinddevice may return NULL, so we need to take care before dereferencing phydev...

SUSE CVE-2023-53385

In the Linux kernel, the following vulnerability has been resolved: media: mdp3: Fix resource leaks in offinddevicebynode Use putdevice to release the object get through offinddevicebynode, avoiding resource leaks...

CVE-2023-53385

In the Linux kernel, the following vulnerability has been resolved: media: mdp3: Fix resource leaks in offinddevicebynode Use putdevice to release the object get through offinddevicebynode, avoiding resource leaks...

PT-2025-39133

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to network device drivers. Specifically, the fec enet phy reset after clk enable function may experience a null pointer dereference NPD if of ph...

SUSE SLED15: grub2 / grub2-arm64-efi / grub2-i386-pc / grub2-powerpc-ieee1275 / etc (SUSE-SU-2025:02813-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02813-1 advisory. - CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp bsc1234959 Other...

Recommended update for grub2

This update for grub2 fixes the following issues: CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp bsc1234959 Other fixes: - Fix test -f and -s do not work properly over the network files served via tftp and http bsc1246157, bsc1246237 - Skip mount...

SUSE SLED15: grub2 / grub2-arm64-efi / grub2-arm64-efi-debug / etc (SUSE-SU-2025:02772-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02772-1 advisory. - CVE-2024-56738: Fixed side-channel attack due to not constant-time algorithm in grubcryptomemcmp...