Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vt: Clear the selection before changing the font. When changing the console font using ioctlKDFONTOP, the new font size may be larger than the previous one. As a result, a previous selection might now be outside the new screen...

CVE-2023-54281 btrfs: release path before inode lookup during the ino lookup ioctl

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before inode lookup during the ino lookup ioctl During the ino lookup ioctl we can end up calling btrfsiget to get an inode reference while we are holding on a root's btree. If btrfsiget needs to lookup the...

CVE-2022-50667

CVE-2022-50667 affects Linux kernel drm/vmwgfx: memory leak in vmw_mksstat_add_ioctl when copying a userspace description fails, causing a leak of the instance descriptor page. SUSE advisory SUSE-SU-2026:0317-1 (SUSE SLES15 SP5 kernel) lists CVE-2022-50667 among fixed issues, indicating a kernel ...

EUVD-2020-4951

Malware in sbrugna...

EUVD-2018-19291

Malware in sbrugna...

EUVD-2017-7337

Malware in sbrugna...

CVE-2025-39826

CVE-2025-39826 : In the Linux kernel, the net/rose_neigh struct’s use field was a non-atomic reference counter, risking use-after-free if the rose_neigh is freed while still referenced. The fix converts the field from unsigned short to refcount_t and switches code paths to rose_neigh_hold() and r...

PT-2025-37971

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The 'use' field within the rose neigh structure was not atomic, leading to potential race conditions. Specifically, the structure could be freed while still being referenced, potentially...

UBUNTU-CVE-2021-47364

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compatinsnlist compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl whenwhen CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct comediinsn converted fro...

DEBIAN-CVE-2024-35849

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in btrfsioctllogicaltoino Syzbot reported the following information leak for in btrfsioctllogicaltoino: BUG: KMSAN: kernel-infoleak in instrumentcopytouser include/linux/instrumented.h:114 inline BUG:...

PT-2022-35344 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue concerns a memory corruption in ioctl. It was introduced in version v5.4 and fixed in Linux Kernel version v5.15.75. The actual impact and attack plausibility have not yet been...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:0801-1 Rating: important References: 1051510 1058115 1065729 1071995 1082555 1083647 1089895 1090036 1103990 1103991 1103992 1104745 1109837 1111666 1112178 1112374 1113956 1114279 1124278 1127354...

CVE-2020-12652

The mptctlioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security...

CVE-2020-12652

The mptctlioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security...

CVE-2018-19085

RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E048 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges...

CVE-2010-2530

Multiple integer signedness errors in smbsubr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service panic via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a 1 SMBIOCLOOKUP or 2...

CVE-2010-2530

Multiple integer signedness errors in smbsubr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service panic via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a 1 SMBIOCLOOKUP or 2...