6 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme: fixed memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace...
CVE-2026-23244
In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace can...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37989)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37989 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A networ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992980)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992980 advisory. In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992668 advisory. In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing...
CVE-2025-37989
In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an out-of-memory condition, which was traced to a memory leak in the PHY LED trigger code. The root cause is misuse of the devm API. The registration...