CVE-2025-37980 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-37980 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-37770 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-37770 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-58237 affecting package kernel for versions less than 6.6.92.2-1

CVE-2024-58237 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-21839 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-21839 affecting package kernel for versions less than 6.6.92.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-37878 affecting package kernel for versions less than 6.6.92.2-1

CVE-2025-37878 affecting package kernel for versions less than 6.6.92.2-1. A patched version of the package is available...

CVE-2024-44938 affecting package kernel for versions less than 5.15.182.1-1

CVE-2024-44938 affecting package kernel for versions less than 5.15.182.1-1. A patched version of the package is available...

AZL-70349 CVE-2022-50070 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not queue data on closed subflows Dipanjan reported a syzbot splat at close time: WARNING: CPU: 1 PID: 10818 at net/ipv4/afinet.c:153 inetsockdestruct+0x6d0/0x8e0 net/ipv4/afinet.c:153 Modules linked in: uioivshmemOE ui...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/amd/display: Use HW lock mgr for PSR1’” This revertment is associated with the commit a2b5a9956269 “drm/amd/display: Use HW lock mgr for PSR1”. It may cause system hangs when connecting with the two EDP panels...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: The WARNON message in nouveaufencecontextkill has been fixed. Nouveau is designed in such a way that it is expected that fences are only signaled through nouveaufencesignal. However, at least in one other place,...

PT-2025-25335

Name of the Vulnerable Software and Affected Versions Insyde InsydeH2O kernel versions 5.4 through 05.46.01 Insyde InsydeH2O kernel versions 5.5 through 05.54.01 Insyde InsydeH2O kernel versions 5.6 through 05.61.01 Insyde InsydeH2O kernel versions 5.7 through 05.70.01 Description Improper input...

AZL-66702 CVE-2025-4598 affecting package kernel for versions less than 6.6.96.2-2

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the origina...

CVE-2023-28468

An issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The FvbServicesRuntimeDxe SMM module exposes an SMI handler that allows an attacker to interact with the SPI flash at run-time from the OS...

CVE-2023-47252

An issue was discovered in PnpSmm in Insyde InsydeH2O with kernel 5.0 through 5.6. There is a possible out-of-bounds access in the SMM communication buffer, leading to tampering. The PNP-related SMI sub-functions do not verify data size before getting it from the communication buffer, which could...

CVE-2022-29279

Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice Use of a untrusted pointer allows tampering with SMRAM and OS memory in SdHostDriver and SdMmcDevice. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: versi...

CVE-2022-32266

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the parameter buffer used by a software SMI handler used by the...

CVE-2022-33982

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a TOCTOU attack on the SMI handler and lead to corruption of SMRAM. DMA attacks on the parameter buffer used by the software SMI handler used by the driver Int15ServiceSmm could lead to a TOCTOU...

CVE-2022-33906

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI handler could cause SMRAM corruption through a TOCTOU attack. DMA transactions which are targeted at input buffers used for the software SMI handler used by the FwBlockServiceSmm driver could cause...

CVE-2022-29276

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version 05.17.18...

CVE-2022-25337

Ibexa DXP ezsystems/ezpublish-kernel 7.5.x before 7.5.26 and 1.3.x before 1.3.12 allows injection attacks via image filenames...

CVE-2022-30773

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been checked but before they are used a TOCTOU attack. DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after parameter values have been...