Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it’s not applicable REASON The dynamic memory safety error detector KASAN detects and generates error messages like “BUG: KASAN: slab-out-of-bounds”. The writeback connector does not suppor...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013194)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013194 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007009)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007009 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN:...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

CVE-2026-23204

CVE-2026-23204 affects the Linux kernel net/sched cls_u32. The root cause is that skb_header_pointer() does not fully validate negative @offset values, enabling a slab-out-of-bounds condition in u32_classify() (reported as BUG: KASAN). The fix replaces skb_header_pointer() with skb_header_pointer...

CVE-2025-68785 net: openvswitch: fix middle attribute validation in push_nsh() action

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

Unity Linux 20.1060a Security Update: kernel (UTSA-2025-992831)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992831 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Fix use-after-free in acpiutcopyipackagetoipackage There is an use-after-free reported by...

UBUNTU-CVE-2023-54262

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is a erroneous leftover from original...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992378)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992378 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/poly1305 - fix a read out-of-bound A kasan error was reported during fuzzing: BUG:...

Linux Distros Unpatched Vulnerability : CVE-2022-50697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989147)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989147 advisory. In the Linux kernel, the following vulnerability has been resolved: dlm: fix plock invalid read This patch fixes an invalid read showed by KASAN. A unlock will...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990032)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990032 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is...

CVE-2023-53701

...

EUVD-2024-53829

Malicious code in bioql PyPI...

EUVD-2025-12954

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39818

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save Improper us...

CVE-2023-53320

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

UBUNTU-CVE-2022-50295

In the Linux kernel, the following vulnerability has been resolved: iouring/msgring: Fix NULL pointer dereference in iomsgsendfd Syzkaller produced the below call trace: BUG: KASAN: null-ptr-deref in iomsgring+0x3cb/0x9f0 Write of size 8 at addr 0000000000000070 by task repro/16399 CPU: 0 PID:...

CVE-2022-50248 wifi: iwlwifi: mvm: fix double free on tx path.

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups and KASAN errors related to ax210 firmware crashes. One of the KASAN dumps pointed at the tx path, and it appears there is indeed a way to...

CVE-2022-50248 wifi: iwlwifi: mvm: fix double free on tx path.

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups and KASAN errors related to ax210 firmware crashes. One of the KASAN dumps pointed at the tx path, and it appears there is indeed a way to...