Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dumpmapping from accessing invalid dentry.dname.name It has been observed that a crash occurs during the hot removal of a memory device, in which the user is accessing hugetlb. See the call trace as follows:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: PCI/DPC: Fixed a use-after-free issue when a DPC event occurs concurrently with hot-removal of the same portion of the hierarchy. Keith reported a use-after-free when a DPC event occurred concurrently with the hot-removal of t...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: switchtec: Fixed a crash occurring after a sudden hot removal of stdevrelease A hot removal of a PCI device can occur while stdev-cdev is still held open. The call to stdevrelease happens during close or exit, well after...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed a use-after-free of slot-bus during hot removal. Dennis reported a boot crash on recent Lenovo laptops with a USB4 dock. Since the commit 0fc70886569c "thunderbolt: Reset USB4 v2 host router" and the commit...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: A issue related to the object lifecycle was fixed in updateqosrequest. The cpufreqcpuput call in updateqosrequest occurs too early. This is because updateqosrequest subsequently calls freqqosupdaterequest,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fixed access beyond the end of the drmem array The dlparmemoryremovebyindex function may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC index...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013103)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013103 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992838)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992838 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot-bus on hot remove Dennis reports a boot crash on recent Lenovo...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992227)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992227 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot-bus on hot remove Dennis reports a boot crash on recent Lenovo...

SUSE CVE-2025-40194

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in updateqosrequest takes place too early because the latter subsequently calls freqqosupdaterequest that indirectly accesses the policy...

Linux Distros Unpatched Vulnerability : CVE-2025-40194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in updateqosrequest takes place too early because the latter...

AZL-70094 CVE-2025-40194 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in updateqosrequest takes place too early because the latter subsequently calls freqqosupdaterequest that indirectly accesses the policy...

CVE-2025-40194

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in updateqosrequest takes place too early because the latter subsequently calls freqqosupdaterequest that indirectly accesses the policy...

CVE-2025-40194 cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request()

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in updateqosrequest takes place too early because the latter subsequently calls freqqosupdaterequest that indirectly accesses the policy...

CVE-2025-40194

CVE-2025-40194 affects the Linux kernel cpufreq Intel_pstate driver. The vulnerability arises from an object lifecycle issue in update_qos_request() where cpufreq_cpu_put() is invoked too early, while freq_qos_update_request() may indirectly access the same policy object. The advisory notes that ...

CVE-2025-40194 cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request()

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in updateqosrequest takes place too early because the latter subsequently calls freqqosupdaterequest that indirectly accesses the policy...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper object lifecycle management and could lead to a CPU hot-removal crash...

Siemens SIMATIC Devices Use After Free (CVE-2024-42302)

In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently to hot- removal of the same portion of the hierarchy: The dpchandler awaits readiness of the...

kernel: PCI: Fix use-after-free of slot->bus on hot remove

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot-bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c "thunderbolt: Reset USB4 v2 host router" and commit 59a54c5f3dbd "thunderbolt: Res...

kernel: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal

A use-after-free flaw was found in concurrent DPC and hot-removal in the Linux kernel. This issue may result in a crash...