Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dmaengine: hisilicon: Added multi-thread support for DMA channels. When a DMA channel is obtained and tried to be used across multiple threads, it can lead to errors and cause the system to hang. bash % echo 100...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm – Set NULL to qm-debug.qmdiff regs. When the initialization of qm-debug.accdiffreg fails, the probe process does not exit. However, after qm-debug.qmdiff regs is freed, it is not set to NULL. This can lead to...

Exploit for CVE-2020-25078

ABYSS C2 — HiSilicon DVR Exploit Framework ⚠️ EDUCATIONAL...

Exploit for CVE-2020-25078

ABYSS C2 — HiSilicon DVR Exploit Framework ⚠️ EDUCATIONAL...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – Do not sleep when in softirq When the kunpeng920 encryption driver is used to deencrypt and decrypt packets during softirq, it is not allowed to use a mutex lock. The kernel will report the following error...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – fixed the aead software fallback for the engine. Due to the misuse of the subreq pointer, private context memory was affected. The aead software-related crypto function occasionally causes the operating...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fixed a potential use-after-free in hix5hd2rx. The skb is passed to npapigroreceive, which may free it. After calling this function, dereferencing the skb may trigger a use-after-free...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Add missing ofnodeput after offindcompatiblenode The offindcompatiblenode function will increment the refcount of the returned devicenode. Calling ofnodeput is necessary to avoid a refcount leak...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/hpre – fixed a resource leak in the remove process. In hpreremove, when the disable operation of qm sriov fails, the following logic should continue to be executed to release the remaining resources that have be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip – fixed a mismatch in operations on the sglsgenr variable. KASAN reported this bug as follows: 17619.659757 BUG: KASAN: Global-out-of-bounds condition in paramgetint+0x34/0x60. 17619.673193 A size 4 read was...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm – Requesting a reserved interrupt for the virtual function The device interrupt vector 3 is an error interrupt for physical functions, and it is a reserved interrupt for virtual functions. However, the driver...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013756)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013756 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/hpre - fix resource leak in remove process In hpreremove, when the disable...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013808)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013808 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stac...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013535)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013535 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sglsgenr KASAN reported this Bug: 17619.659757 BU...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010781)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010781 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - fix the aead software fallback for engine Due to the subreq pointer misus...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011215)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011215 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sglsgenr KASAN reported this Bug: 17619.659757 BU...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010956)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010956 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stac...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007475)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007475 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - don't sleep when in softirq When kunpeng920 encryption driver is used to...

ROS-20260414-73-0045

A vulnerability in the hisiinnophyprobe function of the drivers/phy/hisilicon/phy-hisi-inno-usb2.c module of the PHY driver of the Linux operating system kernel is related to writing outside buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2019-25465

Hisilicon HiIpcam V100R003 contains a directory traversal vulnerability that allows unauthenticated attackers to access sensitive configuration files by exploiting directory listing in the cgi-bin directory. Attackers can request the getadslattr.cgi endpoint to retrieve ADSL credentials and netwo...