58 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the assignment logic of iocb. Commit 18ae8d12991b "f2fs: shows more DIO information in tracepoints" introduced the iocb field in the 'f2fsdirectIOenter' trace event. It only assigns the pointer and then accesses it...
CVE-2026-23345 arm64: gcs: Do not set PTE_SHARED on GCS mappings if FEAT_LPA2 is enabled
In the Linux kernel, the following vulnerability has been resolved: arm64: gcs: Do not set PTESHARED on GCS mappings if FEATLPA2 is enabled When FEATLPA2 is enabled, bits 8-9 of the PTE replace the shareability attribute with bits 50-51 of the output address. The PAGEGCS,RO definitions include th...
DEBIAN-CVE-2023-53742
In the Linux kernel, the following vulnerability has been resolved: kcsan: Avoid READONCE in readinstrumentedmemory Haibo Li reported: | Unable to handle kernel paging request at virtual address | ffffff802a0d8d7171 | Mem abort info:o: | ESR = 0x9600002121 | EC = 0x25: DABT current EL, IL = 32...
EUVD-2025-201214
In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...
CVE-2025-40245
CVE-2025-40245 (Linux kernel, nios2) : On nios2 with CONFIG_FLATMEM, memblock.current_limit was not initialized early enough, so memblock_get_current_limit() could miscompute limits for mem_map, letting max_low_pfn exceed max_pfn and expanding DRAM access beyond valid range. This could cause kern...
EUVD-2025-20061
Malicious code in bioql PyPI...
DEBIAN-CVE-2022-50270
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix the assign logic of iocb commit 18ae8d12991b "f2fs: show more DIO information in tracepoint" introduces iocb field in 'f2fsdirectIOenter' trace event And it only assigns the pointer and later it accesses its field in...
Linux Distros Unpatched Vulnerability : CVE-2024-26588
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Prevent out-of-bounds memory access The testtag test triggers an unhandled...
Linux Distros Unpatched Vulnerability : CVE-2025-37794
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mac80211: Purge vif txq in ieee80211dostop After ieee80211dostop SKB from vif's txq could still be processed. Indeed another concurrent vif...
Linux Distros Unpatched Vulnerability : CVE-2023-52613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drivers/thermal/loongson2thermal: Fix incorrect PTRERR judgment PTRERR returns -ENODEV when...
Linux Distros Unpatched Vulnerability : CVE-2025-22057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: decrease cached dst counters in dstrelease Upstream fix ac888d58869b net: do not delay dstentriesadd in dstrelease moved decrementing the dst count from...
CVE-2025-38354
In the Linux kernel, the following vulnerability has been resolved: drm/msm/gpu: Fix crash when throttling GPU immediately during boot There is a small chance that the GPU is already hot during boot. In that case, the call to ofdevfreqcoolingregister will immediately try to apply devfreq cooling,...
SUSE CVE-2025-38195
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix panic caused by NULL-PMD in hugepteoffset ERROR INFO: CPU 25 Unable to handle kernel paging request at virtual address 0x0 ... Call Trace: hugepteoffset+0x3c/0x58 hugetlbfollowpagemask+0x74/0x438...
CVE-2025-38195
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix panic caused by NULL-PMD in hugepteoffset ERROR INFO: CPU 25 Unable to handle kernel paging request at virtual address 0x0 ... Call Trace: hugepteoffset+0x3c/0x58 hugetlbfollowpagemask+0x74/0x438...
CVE-2025-38195
CVE-2025-38195 concerns the Linux kernel LoongArch code, where a NULL-PMD handling path in huge_pte_offset() could trigger a kernel-panic when processing huge pages, as shown by the error trace and mitigation notes. The issue affects the kernel’s page fault / madvise pathways, with a local attack...
CVE-2025-38195 LoongArch: Fix panic caused by NULL-PMD in huge_pte_offset()
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix panic caused by NULL-PMD in hugepteoffset ERROR INFO: CPU 25 Unable to handle kernel paging request at virtual address 0x0 ... Call Trace: hugepteoffset+0x3c/0x58 hugetlbfollowpagemask+0x74/0x438...
CVE-2025-21894 net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC
In the Linux kernel, the following vulnerability has been resolved: net: enetc: VFs do not support HWTSTAMPTXONESTEPSYNC Actually ENETC VFs do not support HWTSTAMPTXONESTEPSYNC because only ENETC PF can access PMaSINGLESTEP registers. And there will be a crash if VFs are used to test one-step...
Linux Distros Unpatched Vulnerability : CVE-2024-56629
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: wacom: fix when get product name maybe null pointer Due to incorrect dev-product reporting by certain devices, null pointer dereferences occur when...
Linux Distros Unpatched Vulnerability : CVE-2022-48645
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: enetc: deny offload of tc-based TSN features on VF interfaces TSN features on the ENETC taprio, cbs, gate, police are configured through a mix of command B...
Linux Distros Unpatched Vulnerability : CVE-2022-48640
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in bondrrgenslaveid Fix a NULL dereference of the struct...