21 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fixed race conditions related to access to midibuf. There can be concurrent accesses to line6’s midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warnings...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: usb: aqc111: Fixed error handling of usbnet read calls Syzkaller, with the help of syzbot, identified an error in the aqc111 driver. This error was caused by incomplete sanitization of the results of usbnet read calls. Th...
CVE-2026-43139
The CVE-2026-43139 entry concerns the Linux kernel xfrm6 subsystem. The issue arises in xfrm6_get_saddr() which does not check the return value of ipv6_dev_get_saddr(); when ipv6_dev_get_saddr() fails with -EADDRNOTAVAIL, saddr->in6 remains uninitialized and xfrm6_get_saddr() incorrectly retur...
PT-2025-49658
In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy IOCTL ethtool interface. Since 'struct ethtool link ksettings' is not initialized in this path,...
EUVD-2025-9399
Malicious code in bioql PyPI...
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-1957)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : gpio: Restrict usage of GPIO chip irq members before initializationCVE-2022-49072 mmc: core: use sysfsemit instead of sprintf.CVE-2022-49267 ipv4:...
AZL-59973 CVE-2025-21922 affecting package kernel for versions less than 5.15.180.1-1
In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning with bpf Syzbot caught an "KMSAN: uninit-value" warning 1, which is caused by the ppp driver not initializing a 2-byte header when using socket filter. The following code can generate a PPP...
CVE-2025-21922
In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning with bpf Syzbot caught an "KMSAN: uninit-value" warning 1, which is caused by the ppp driver not initializing a 2-byte header when using socket filter. The following code can generate a PPP...
CVE-2025-21922
CVE-2025-21922 concerns a Linux kernel PPP driver issue where a 2-byte header used by socket filter/BPF is not fully initialized, triggering a KMSAN “uninit-value” warning. The root cause, as described, is that only the first byte of the direction indicator is initialized while the second byte re...
CVE-2025-21922 ppp: Fix KMSAN uninit-value warning with bpf
In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning with bpf Syzbot caught an "KMSAN: uninit-value" warning 1, which is caused by the ppp driver not initializing a 2-byte header when using socket filter. The following code can generate a PPP...
CVE-2025-21922 ppp: Fix KMSAN uninit-value warning with bpf
In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning with bpf Syzbot caught an "KMSAN: uninit-value" warning 1, which is caused by the ppp driver not initializing a 2-byte header when using socket filter. The following code can generate a PPP...
CVE-2025-21922
In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning with bpf Syzbot caught an "KMSAN: uninit-value" warning 1, which is caused by the ppp driver not initializing a 2-byte header when using socket filter. The following code can generate a PPP...
CVE-2025-21630
In the Linux kernel, the following vulnerability has been resolved: iouring/net: always initialize kmsg-msg.msginq upfront syzbot reports that -msginq may get used uinitialized from the following path: BUG: KMSAN: uninit-value in iorecvbufselect iouring/net.c:1094 inline BUG: KMSAN: uninit-value ...
CVE-2025-21630
...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-53066)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53066 advisory. - In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in...
CVE-2024-53066
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...
CVE-2024-53066
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...
CVE-2024-53066 nfs: Fix KMSAN warning in decode_getfattr_attrs()
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...
CVE-2024-53066 nfs: Fix KMSAN warning in decode_getfattr_attrs()
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...
CVE-2024-44954
In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: Fix racy access to midibuf There can be concurrent accesses to line6 midibuf from both the URB completion callback and the rawmidi API access. This could be a cause of KMSAN warning triggered by syzkaller below so pu...