Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: enetc – fixed the deadlock caused by enetcmdiolock. After applying the workaround for err050089, the LS1028A platform experiences RCU stalls in the RT kernel. This issue is caused by the recursive acquisition of the read loc...

ROS-20260112-7359

A vulnerability in the dfxregsuninit function of the drivers/crypto/hisilicon/debugfs.c driver of the Linux kernel is related to the re-release of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...

CVE-2023-54320

The CVE-2023-54320 issue in the Linux kernel affects the amd_pmc_stb_debugfs_open_v2() function (platform/x86/amd). When STB debug mechanism is enabled and amd_pmc_send_cmd() fails, the allocated buffer may not be freed, causing a memory leak. A fix was implemented to release the buffer in the fa...

Linux Distros Unpatched Vulnerability : CVE-2022-50753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free i...

SUSE CVE-2023-54007

In the Linux kernel, the following vulnerability has been resolved: vmcihost: fix a race condition in vmcihostpoll causing GPF During fuzzing, a general protection fault is observed in vmcihostpoll. general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 1 PREEMPT SM...

CVE-2023-54058

Technical details for CVE-2023-54058 are not publicly provided in the connected documents. Monitor for official patches/advisories; no product/version specifics or remediation details are included in the supplied materials.

UBUNTU-CVE-2025-68359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of qgroup record after failure to add delayed ref head In the previous code it was possible to incur into a double kfree scenario when calling adddelayedrefhead. This could happen if the record was reported...

SUSE CVE-2025-40352

In the Linux kernel, the following vulnerability has been resolved: platform/mellanox: mlxbf-pmc: add sysfsattrinit to countclock init The lock-related debug logic CONFIGLOCKSTAT in the kernel is noting the following warning when the BlueField-3 SOC is booted: BUG: key ffff00008a3402a8 has not be...

CVE-2025-68185 nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of the return value of createinformatblob, which could result in a null pointer dereference...

SUSE CVE-2025-40121

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5651: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver just ignores and leaves as is, which may lead to unepxected results like OOB access. This...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Staging: media: atomisp: Fixed a stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable, and the EFI variable is larger than the expected buffer size, two behaviors combine to cause a stack buffer...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: sched: Fix schednumafindnthcpu if the mask is offline. schednumafindnthcpu uses bsearch to find the “closest” CPU in scheddomainsnumamasks, given a CPU mask. However, the CPUs in the mask might not intersect if all CPUs in the...

UBUNTU-CVE-2025-40075

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu Replace three dstdev with a lockdep enabled helper...

EUVD-2025-36450

In the Linux kernel, the following vulnerability has been resolved: bpf: Explicitly check accesses to bpfsockaddr Syzkaller found a kernel warning on the following sockaddr program: 0: r0 = 0 1: r2 = u32 r1 +60 2: exit which triggers: verifier bug: error during ctx access conversion 0 This is...

CVE-2023-53719 serial: arc_uart: fix of_iomap leak in `arc_serial_probe`

In the Linux kernel, the following vulnerability has been resolved: serial: arcuart: fix ofiomap leak in arcserialprobe Smatch reports: drivers/tty/serial/arcuart.c:631 arcserialprobe warn: 'port-membase' from ofiomap not released on lines: 631. In arcserialprobe, if uartaddoneport fails,...

CVE-2023-53667

CVE-2023-53667 affects the Linux kernel net/cdc_ncm path. The vulnerability arises when dwNtbOutMaxSize is lower than the calculated minimum but greater than zero, causing skb allocation in cdc_ncm_fill_tx_frame() to run out of space and potentially panic due to skb bounds checks. The patch/clamp...

CVE-2022-50517

CVE-2022-50517 relates to the Linux kernel THP handling in mm/huge_memory, where a swap page entry (swp_entry_t) could be clobbered during THP split if the head page wasn’t swapped, a bug identified and fixed by the commit b653db77350c. Affected behavior was observed under stress-ng mmap workload...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-410328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-410328 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspanbasehdr is present in skb-head syzbot reported a problem in ip6erspanrcv ...

EUVD-2025-25551

Malicious code in bioql PyPI...