Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass an empty environment variable. fwgetenv will use the environment variable entry to determine the style of the environment variables. However, it is legal for the firmware to simply pass an empty...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013167)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013167 advisory. In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of en...

OESA-2026-1834 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: barebox is a bootloader. In barebox from version 2016.03.0 to before version 2026.03.1 and the...

SUSE CVE-2023-54279

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointe...

EUVD-2023-60525

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointe...

CVE-2023-54279

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointe...

CVE-2023-54279

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointe...

CVE-2023-54279 MIPS: fw: Allow firmware to pass a empty env

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointe...

CVE-2023-54279

CVE-2023-54279 concerns the Linux kernel MIPS fw handling when firmware passes an empty environment. The issue arises in fw_getenv, which uses an env entry to determine the style of env data; firmware may supply an empty list, risking a null pointer dereference if code path assumes a non-empty fi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check firmware environment entries, which could lead to a null pointer dereference...

EDK2 Security Feature Issue Vulnerability

EDK2 is a cross-platform firmware development environment from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from the Network Package being susceptible to predictable TCP initial sequence numbers...

Microsoft Windows 10: Modify firmware environment values

This security setting determines who can modify firmware environment values. Firmware environment values are settings that are stored in the nonvolatile RAM of non-x86-based computers. The effect of the setting depends on the processor. On all computers, this user right is required to install or...