4844 matches found
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990014)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990014 advisory. In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release The drvdata is not available in release. Let's just use...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989339)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989339 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: consistently handle PLTs. Sometimes it is necessary to use a PLT entry to call an...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989191)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989191 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990265)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990265 advisory. In the Linux kernel, the following vulnerability has been resolved: um: ubd: Do not use drvdata in release The drvdata is not available in release. Let's just use...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990194)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990194 advisory. In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: make sure CBR is correctly set It was discovered that some device have CBR...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989799)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989799 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check for inline inode Yanming reported a kernel bug in Bugzilla kernel 1,...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988726)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988726 advisory. In the Linux kernel, the following vulnerability has been resolved: qede: confirm skb is allocated before using qedebuildskb assumes buildskb always works and goes...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990082)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990082 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988945)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988945 advisory. In the Linux kernel, the following vulnerability has been resolved: Add exception protection processing for vd in axichanhandleerr function Since there is no...
PT-2025-49095
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc2+ 38 Description The Linux kernel had a flaw related to vfat filesystem handling when emulating an nvme device on qemu with specific block size settings. Specifically, when both logical block size and...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Remove WARNON for device endpoint command timeouts This commit addresses a rarely observed endpoint command timeout that causes kernel panic when “paniconwarn” is enabled, and unnecessary call trace prints when...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iio: common: stsensors: Fixed the use of uninitialized device structures. In various probe functions, indiodev-dev is used before it is initialized. This caused a kernel panic in stsensorspowerenable when the call to...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: f2fs: added a sanity check on sitbitmapsize. With the above testcase, resizing will generate a corrupted image that contains inconsistent metadata. As a result, when mounting such an image, the kernel will trigger a panic. Steps ...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check the availability of the workqueue allocated by the idxd WQ driver before using it. Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: arm64/entry: DAIF was unmasked in cpuswitchto, and called on the irqstack. cpuswitchto and callonirqstack manipulate the SP to switch to different stacks, along with the Shadow Call Stack if it is enabled. These two stack...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: Use devm function instead of driver remove The driver uses devm APIs to manage clk/irq/resources and registers the spi controller. However, the legacy remove function is called first during device detachment, causi...
SUSE CVE-2025-40106
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
EUVD-2025-37321
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
CVE-2025-40106
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
CVE-2025-40106
In CVE-2025-40106, the Linux kernel’s comedi_buf_munge() could divide by zero when chanlist_len is zero, since it performed async->munge_chan %= async->cmd.chanlist_len without a prior check. The fix adds an explicit zero-check at the start of comedi_buf_munge(), mirrors existing checks for...