Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fixed an out-of-bounds write in fastimageblit. This issue occurs when a user-space program calls ioctl FBIOPUTCON2FBMAP by passing the console number and the frame buffer number. Ideally, this maps the console to the frame...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tty: Fixed out-of-bound access to vmalloc in imageblit. This issue occurs when a user-space program calls ioctl FBIOPUTVSCREENINFO, passing the fbvarscreeninfo structure containing only the fields xres, yres, and bitsperpixel. If...

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2025-38685)

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.2.el7.AXS7 (AXSA:2024-8820:28)

"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8820:28 advisory. net: ice: Fix potential NULL pointer dereference in icebridgesetlink CVE-2024-26855 tty: Fix out-of-bound vmalloc access in imageblit CVE-2021-4738...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990549)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990549 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program doe...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990162)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990162 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program doe...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989251)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989251 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program doe...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987512)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987512 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program doe...

EUVD-2025-26784

Malicious code in bioql PyPI...

fbdev: Fix vmalloc out-of-bounds write in fast_imageblit

...

SUSE CVE-2025-38685

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...

AZL-73836 CVE-2025-38685 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...

CVE-2025-38685

CVE-2025-38685 affects the Linux kernel fbdev path. The issue arises in vmalloc out-of-bounds write within fast_imageblit when a userspace ioctl (FBIOPUT_CON2FBMAP) maps a console to a framebuffer; if the console resize during mapping fails but the code continues, it can end up updating display s...

CVE-2025-38685 fbdev: Fix vmalloc out-of-bounds write in fast_imageblit

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...

PT-2025-35958

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the fbdev subsystem related to an out-of-bounds write in the fast imageblit function. This issue occurs when a user-space program performs an ioctl...

Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956...

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...

Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024183 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47600: dm btree remove: fix use afte...

Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. CVE-2024-35862:...

SUSE-SU-2024:3854-1 Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059161 fixes several issues. The following security issues were fixed: - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2023-52752: smb: client: fix use-after-free bug in cifsdebugdataprocshow bsc1225819. -...