Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: iavf: Fixed error handling for reset operations. Do not call iavfclose during error handling for iavfresettask. Doing so may lead to a double call to napidisable, which can cause a deadlock. Removing the VF may cause...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fixed the issue where the link state was exited during the removal of an upstream function. Before version 456d8aa37d0f “PCI/ASPM: Disabled ASPM during the removal of an MFD function to avoid use-after-free”, we only...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disabling ASPM when a multifunction device’s function is removed to avoid use-after-free errors. The struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously, we retained this pointer when...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-013109)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013109 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007622)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007622 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal Before 456d8aa37d0f PCI/ASP...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006599)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006599 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005617 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005434)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005434 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct...

PT-2026-3742

Summary The getSecretKey template function, while introduced for senhasegura Devops Secrets Management DSM provider, has the ability to fetch secrets cross-namespaces with the roleBinding of the external-secrets controller, bypassing our security mechanisms. This function was completely removed, ...

Linux Distros Unpatched Vulnerability : CVE-2025-68743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. Th...

SUSE CVE-2025-40219

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" tried to fix a race between the VF removal inside sriovdelvfs and concurrent...

AZL-71293 CVE-2025-40219 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...

CVE-2025-40219 PCI/IOV: Fix race between SR-IOV enable/disable and hotplug

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" tried to fix a race between the VF removal inside sriovdelvfs and concurrent...

CVE-2025-40219

CVE-2025-40219 concerns the Linux kernel SR-IOV PCI handling. The vulnerability stems from missing serialization locks around SR-IOV VF removal/enabling: sriov_disable() could remove VF PCI devices without holding the global PCI rescan-remove lock, risking double-remove/list corruption (notably o...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989411 advisory. In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs Commit c503e63200c6 ice: Stop processing VF messages...

EUVD-2025-11276

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-53446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously we...

SUSE CVE-2023-53446

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously we retained that pointer when removing function 0, and subsequent ASPM...

CVE-2023-53446

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously we retained that pointer when removing function 0, and subsequent ASPM...

CVE-2023-53446

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously we retained that pointer when removing function 0, and subsequent ASPM...