71 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: lantiqgswip: Do not use devres for mdiobus As explained in the commits: 74b6d7d13307 “net: dsa: realtek: Register the MDIO bus using devres” 5135e96a3dd2 “net: dsa: Do not allocate the slavemiibus using devres” The...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: Net: lantiq – fixed memory corruption in the RX ring. In a situation where memory allocation or DMA mapping fails, an invalid address may be programmed into the descriptor. This can lead to memory corruption. If memory allocation...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: Fix refcount leak in gswipgphyfwlist In every iteration of foreachavailablechildofnode, the reference count of the previous node is decremented. When exiting the foreachavailablechildofnode loop prematurely...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: The operation gswipremove should perform the ofnodeputpriv-ds-slavemiibus-dev.ofnode before calling mdiobusfreepriv-ds-slavemiibus...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: lantiqetop: fixed a double-free condition in the “detach” operation. The number of descriptors that have been released so far is never incremented, which results in the same skb being released multiple times...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet; Device: lantiqetop; Issue: Memory disclosure during padding. When padding is applied, the buffer is not zeroed, resulting in memory disclosure. The affected data is observed on the network. This patch uses...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005566)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005566 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed,...
Azure Linux 3.0 Security Update: kernel (CVE-2024-41046)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41046 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix double fr...
Linux Distros Unpatched Vulnerability : CVE-2025-62525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using...
net: lantiq_xrx200: restore buffer if memory allocation failed
...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989805)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989805 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: ds...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989311)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989311 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: fix use after free in gswipremove ofnodeputpriv-ds-slavemiibus-dev.ofnode...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Sensitive Information in Resource Not Removed Before Reuse (CVE-2024-49997)
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
CVE-2025-62525
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...
CVE-2025-62525
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...
UBUNTU-CVE-2025-62525
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...
CVE-2025-62525 OpenWrt vulnerable to local privilage escalation
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...
EUVD-2025-35592
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...
CVE-2025-62525 OpenWrt vulnerable to local privilage escalation
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...
CVE-2025-62525 OpenWrt vulnerable to local privilage escalation
OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...