4815 matches found
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted can trigger a call trace or even a kernel panic when the parent proce...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: use devm function instead of driver remove Driver use devm APIs to manage clk/irq/resources and register the spi controller, but the legacy remove function will be called first during device detach and trigger kern...
SUSE CVE-2025-40106
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved Adding a reserved memory region for the framebuffer memory the splash memory region set up by the bootloader. It fixes a kernel panic arm-smmu: Unhandled...
EUVD-2025-37321
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
CVE-2025-40106
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
CVE-2025-40106
In CVE-2025-40106, the Linux kernel’s comedi_buf_munge() could divide by zero when chanlist_len is zero, since it performed async->munge_chan %= async->cmd.chanlist_len without a prior check. The fix adds an explicit zero-check at the start of comedi_buf_munge(), mirrors existing checks for...
CVE-2025-40106 comedi: fix divide-by-zero in comedi_buf_munge()
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first checking if chanlistlen is zero. If a user program submits a command with...
EUVD-2023-60045
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS and cross-site request forgery CSRF via the Hypermap Replay component. An attacker can submit crafted input that is not properly validated or escaped, allowing injection of malicious script that executes in the context ...
Linux Distros Unpatched Vulnerability : CVE-2025-40106
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo operation async-mungechan %= async-cmd.chanlistlen without first...
SUSE CVE-2025-40041
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Oops1: CPU 0 Unable to handle kernel paging request at virtual address 0000000000741d58, era == 90000000851b5ac0, ra =...
Linux Distros Unpatched Vulnerability : CVE-2025-40041
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest trigge...
SUSE CVE-2025-40032
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dmachantx and dmachanrx of the struct pciepftest can be NULL even after EPF initialization. Then it is prudent to check that they have non-NUL...
SUSE CVE-2025-40060
In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etmsetupaux only checks for a NULL pointer, so it...
SUSE CVE-2025-40079
In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Sign extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Unable to handle kernel paging request at virtual address ffffffffa38dbf58 Current testprogs pgtable: 4K pagesize, 57-bit...
CVE-2025-40060
In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etmsetupaux only checks for a NULL pointer, so it...
CVE-2025-40060
In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etmsetupaux only checks for a NULL pointer, so it...
CVE-2025-40041
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign-extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Oops1: CPU 0 Unable to handle kernel paging request at virtual address 0000000000741d58, era == 90000000851b5ac0, ra =...
AZL-78386 CVE-2025-40040 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise syzkaller discovered the following crash: kernel BUG 44.607039 ------------ cut here ------------ 44.607422 kernel BUG at mm/userfaultfd.c:2067! 44.608148 Oops: invalid opcode: 000...
CVE-2025-40032
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release The fields dmachantx and dmachanrx of the struct pciepftest can be NULL even after EPF initialization. Then it is prudent to check that they have non-NUL...