861 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drivers: perf: marvellcn10k: Fixed a leak in the hotplug callback in tadpmuinit. The tadpmuinit function does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. Remove the callback by usin...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: hwmon: coretemp Simplified platform device handling Coretemp’s platform driver is unconventional. All the actual processing is performed globally by the initcall and CPU hotplug notifiers. The “driver” essentially just wraps t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cgroup, freezer: Hold cpuhotpluglock before freezermutex. syzbot reports a circular locking dependency between cpuhotpluglock and freezermutex. To address this issue, commit f5d39b020809 “freezer,sched: Rewrite core freezer...
OPENSUSE-SU-2026:20912-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...
PT-2026-43771
Name of the Vulnerable Software and Affected Versions Linux kernel version 6.18.0-rc3 Description An issue in the Enhanced Error Handling EEH driver for powerpc leads to recursive locking. The function eeh handle normal event acquires the pci lock rescan remove lock before calling eeh pe bus get,...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/armdmc620: Fixed a leak in the hotplug callback in dmc620pmuinit. The dmc620pmuinit function does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. Remove the callback by calling...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential deadlock in CPU hotplug with osnoise. The following sequence may lead to a deadlock in CPU hotplug: task1 task2 task3 ----- ----- ----- The code sequence is as follows: mutexlock&interfacelock CPU GOING...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fixed a use-after-free bug in brcmfcfg80211detach. This is the candidate patch for CVE-2023-47233: https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In the brcm80211 driver, the process starts with the following...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: using cpuhpstateremoveinstancenocalls instead of cpuhpstateremoveinstance so that the notifications do not execute after the PMU device has been unregistered. When removing the ‘hisihns3’ PMU, we accidentally...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: x86/fpu: Keep xfdstate synchronized with MSRIA32XFD. The commits 672365477ae8 "x86/fpu: Update XFD state where required" and 8bf26758ca96 "x86/fpu: Add XFD state to fpstate" introduced a per-CPU variable xfdstate to maintain t...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fixed the hotplug callback leak in armsmmupmuinit. armsmmupmuinit does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be removed by cpuhpremovemultistate in...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: firmware: armsdei: Fix sleep from invalid context BUG Running a preempt-rt v6.2-rc3-rt1 based kernel on an Ampere Altra triggers: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic: 0,...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Do not offline the last non-isolated CPU. If a system has isolated CPUs via the “isolcpus=” command-line parameter, then attempting to offline the last housekeeping CPU will result in a WARNON message when rebuilding...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Do not issue ATS Invalidation requests when the device is disconnected. For those endpoint devices connected to the system via hot-plug-capable ports, users can request a hot reset of the device by setting the link...
CLSA-2026-1779098063 cloud-init: Fix of CVE-2024-11584
CVE-2024-11584: fix systemd socket unit permission vulnerability to prevent unprivileged user from triggering hotplug-hook commands...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove the cpuhp instance node before removing the cpuhp state The functions cpuhpstateaddinstance and cpuhpstateremoveinstance should be used in pairs. Otherwise, a warning will be issued during the...
Astra Linux – Vulnerability in cloud-init
In cloud-init through 25.1.2, the systemd socket unit “cloud-init-hotplugd.socket” is included, with a default SocketMode of 0666, allowing world-write permissions. This socket is used for the /run/cloud-init/hook-hotplug-cmd FIFO. A non-privileged user can trigger the hotplug-hook commands...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: PCI: pciehp: Fixed an infinite loop in the IRQ handler upon a power fault. The Power Fault Detected bit in the Slot Status register differs from all other hot-plug events in that it is sticky: It can only be cleared after...
Astra Linux – Vulnerability in Linux
In the file drivers/pci/hotplug/rpadlpar/sysfs.c within the Linux kernel up to version 5.11.8, the RPA PCI Hotplug driver suffers a user-tolerable buffer overflow when writing a new device name to the driver from user space. This allows user space to write data directly to the kernel stack frame...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: PCI: s390 – Fixed a use-after-free of PCI resources when per-function hot-plugging occurs. On the s390 architecture, PCI functions may be hot-plugged individually, even when they belong to a multi-functional device. Specifically,...