Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clearing tablesz when rprocshutdown is called. There is a scenario where a kernel dump may occur: Use U-Boot to start a remote processor rproc with a resource table published to a fixed address by rproc. After t...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/pseries/iommu: The IOMMU table is not initialized for kdump over SR-IOV. When the kdump kernel attempts to copy dump data using SR-IOV, LPAR panics due to a NULL pointer exception: - The kernel attempted to read user...

EUVD-2025-32759

In the Linux kernel, the following vulnerability has been resolved: srcu: Delegate work to the boot cpu if using SRCUSIZESMALL Commit 994f706872e6 "srcu: Make Tree SRCU able to operate without snpnode array" assumes that cpu 0 is always online. However, there really are situations when some other...

EUVD-2025-11823

Malicious code in bioql PyPI...

EUVD-2025-28941

Malicious code in bioql PyPI...

EUVD-2025-11825

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-39771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - regulator: pca9450: Use devmregistersysoffhandler With module test, there is error dump: ------------ cut here ------------ notifier callback...

CVE-2025-39771

The CVE-2025-39771 entry concerns the Linux kernel regulator driver pca9450. The issue arises in the pca9450_restart handling during module probe, where a notifier callback is already registered, leading to a kernel dump if not managed. The documented remediation is to use devm_register_sys_off_h...

Linux Distros Unpatched Vulnerability : CVE-2025-37981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Use iskdumpkernel to check for kdump The smartpqi driver checks the...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Use iskdumpkernel to check for kdump. The smartpqi driver checks the resetdevices variable to determine whether special adjustments are needed for kdump. This results in the following behavior: After a regular kex...

CVE-2023-53098

In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: 19.463299 Unable to handle kernel NULL...

CVE-2023-53098

In the Linux kernel, the following vulnerability has been resolved: media: rc: gpio-ir-recv: add remove function In case runtime PM is enabled, do runtime PM clean up to remove cpu latency qos request, otherwise driver removal may have below kernel dump: 19.463299 Unable to handle kernel NULL...

CVE-2023-53098

CVE-2023-53098 summary (Linux kernel) : The vulnerability resides in the Media driver gpio-ir-recv under media: rc, where an added remove function plus runtime-pm cleanup is required. If runtime PM is enabled, systems must perform runtime PM cleanup to remove a cpu-latency QoS request; otherwise,...

CVE-2025-38152

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clear tablesz when rprocshutdown There is case as below could trigger kernel dump: Use U-Boot to start remote processorrproc with resource table published to a fixed address by rproc. After Kernel boots up, stop...

CVE-2025-38479

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: free irq correctly in remove path Add fsledma-txirq/errirq check to avoid below warning because no errirq at i.MX9 platform. Otherwise there will be kernel dump: WARNING: CPU: 0 PID: 11 at...

CVE-2025-38479

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: free irq correctly in remove path Add fsledma-txirq/errirq check to avoid below warning because no errirq at i.MX9 platform. Otherwise there will be kernel dump: WARNING: CPU: 0 PID: 11 at...

DEBIAN-CVE-2025-38479

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: free irq correctly in remove path Add fsledma-txirq/errirq check to avoid below warning because no errirq at i.MX9 platform. Otherwise there will be kernel dump: WARNING: CPU: 0 PID: 11 at...

CVE-2025-38479 dmaengine: fsl-edma: free irq correctly in remove path

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: free irq correctly in remove path Add fsledma-txirq/errirq check to avoid below warning because no errirq at i.MX9 platform. Otherwise there will be kernel dump: WARNING: CPU: 0 PID: 11 at...

CVE-2025-38479 dmaengine: fsl-edma: free irq correctly in remove path

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: free irq correctly in remove path Add fsledma-txirq/errirq check to avoid below warning because no errirq at i.MX9 platform. Otherwise there will be kernel dump: WARNING: CPU: 0 PID: 11 at...

CVE-2025-38152

CVE-2025-38152 affects the Linux kernel remoteproc subsystem. The root cause is the rproc_shutdown path not clearing rproc->table_sz, which allows a memcpy of loaded_table from rproc->cached_table to use a NULL rproc->cached_table after stopping, causing a kernel crash. The issue is repo...