56 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb – revert the use of devmkzalloc in btusb This change reverts to the behavior described in commit 98921dbd00c4e “Bluetooth: Use devmkzalloc in btusb.c file”. In btusbprobe, we use devmkzalloc to allocate the btusb...
CVE-2026-46261
A flaw was found in the Linux kernel. A null pointer dereference in the wpcm-fiu Serial Peripheral Interface SPI driver, specifically when platformgetresourcebyname returns a null value, could lead to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service DoS...
CVE-2026-46108
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI System Interface SI driver. This vulnerability occurs when the driver fails to return to a normal operational state after a message allocation failure. This improper state handling can lead to the driver not...
PT-2026-44300
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description The ipmi driver fails to implement limits on event and receive message requests, continuing to fetch data until the Baseboar...
USN-8184-1: Linux kernel (Real-time) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
The CVE-2025-15038 affected component is the ASUS Business System Control Interface driver. A vulnerability described as Out-of-Bounds allows a local, unprivileged user to craft an IOCTL request that can trigger kernel information disclosure or cause a system crash. The exposure is linked to loca...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by a unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of lock protection for the currxfer field in the tegra210-quad SPI driver. This...
SUSE CVE-2025-68755
In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e "staging: most: remove device from...
CVE-2023-54054 scsi: qla2xxx: Fix buffer overrun
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix buffer overrun Klocwork warning: Buffer Overflow - Array Index Out of Bounds Driver uses fcelsflogi to calculate size of buffer. The actual buffer is nested inside of fcelsflogi which is smaller. Replace...
EUVD-2025-14435
Malicious code in bioql PyPI...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (IBM) vulnerabilities (USN-7779-1)
"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7779-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
USN-7766-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
CVE-2023-53414 scsi: snic: Fix memory leak with using debugfs_lookup()
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...
PT-2025-34423
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was discovered in the Linux kernel related to the ASoC Audio Subsystem over Component framework, specifically within the mediatek mt8365-dai-i2s driver. The mt8365 dai set priv...
Vulnerability of the amd_sfh_work() function in the driver/hid/amd-sfh-hid/amd_sfh_client.c file – a driver for the Linux kernel’s user interface device subsystem, which allows an attacker to access protected information.
Vulnerability of the amdsfhwork function in the driver/hid/amd-sfh-hid/amdsfhclient.c file – The driver for the Linux kernel’s user interface device subsystem is vulnerable due to improper memory release before deleting the last reference memory leak. Exploiting this vulnerability could allow an...
CVE-2021-25487
Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer...
CVE-2025-29829 Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability
...