Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: The issue of a reference count leak in qmpcoolingdevicesregister has been fixed. In every iteration of the foreachavailablechildofnode loop, the reference count of the previous node is decremented. When exiting t...

CVE-2026-43358

CVE-2026-43358 affects the Linux kernel's btrfs filesystem. The vulnerability is a missing RCU unlock in the error path of try_release_subpage_extent_buffer(), where rcu_read_lock() should be held before exiting the loop because an rcu_read_unlock() occurs past the loop. The issue was identified ...

PT-2026-39019

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A missing RCU Read-Copy-Update unlock in the error path of the try release subpage extent buffer function within the btrfs module can occur. This happens because a rcu read unlock call...

CVE-2022-50641

In the Linux kernel, the following vulnerability has been resolved: HSI: omapssi: Fix refcount leak in ssiprobe When returning or breaking early from a foreachavailablechildofnode loop, we need to explicitly call ofnodeput on the child node to possibly release the node...

CVE-2025-66559 Taiko Alethia Pacaya inbox verification pointer corruption

Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox.verifyBatches packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678 advanced the local tid to whatever...

UBUNTU-CVE-2022-50582

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Prevent integer underflow By using a ratio of delay to pollenabledtime that is not integer timeremaining underflows and does not exit the loop as expected. As delay could be derived from DT and pollenabledtime is...

CVE-2022-50582

The CVE refers to the Linux kernel regulator core vulnerability (CVE-2022-50582) where a non-integer ratio of delay to poll_enabled_time can cause time_remaining to underflow and the loop not exit. The documented fix is to use a signed iterator so the loop exits when remaining time becomes negati...

CVE-2022-50520

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix PCI device refcount leak in radeonatrmgetbios As comment of pcigetclass says, it returns a pcidevice with its refcount increased and decreased the refcount for the input parameter @from if it is not NULL. If we...

EUVD-2022-55458

Malicious code in bioql PyPI...

ROS-20250911-07

A vulnerability in the Apache Commons Compress archiver is related to the execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to affect the integrity, availability, and confidentiality of protected information. confidentiality of...

UBUNTU-CVE-2025-38671

In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected. A malicious or buggy i2c client can hang th...

CVE-2025-38671

CVE-2025-38671 affects the Linux kernel i2c: qup driver. Root cause: timeout handling only set a return value and did not exit the loop when a client keeps the bus active, enabling kernel hang (observed with PCA953x GPIO extender). Fix: change the logic to return via -ETIMEDOUT, jumping out of th...

CVE-2025-38671 i2c: qup: jump out of the loop in case of timeout

In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected. A malicious or buggy i2c client can hang th...

ROS-20240918-05

A vulnerability in the net component of the Golang programming language is related to the execution of a loop with an inaccessible exit condition. exit condition. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

UBUNTU-CVE-2024-44938

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2 returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shif...

SUSE CVE-2019-12068

In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 fixed, when executing script in lsiexecutescript, the LSI scsi adapter emulator advances 's-dsp' index to read next opcode. This can lead to an infinite loop if the nex...

Malicious code in dep-loop-exit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0ad48a7ef0c36b270f48536d4c55cc157e68784983d0ac098c548b45e1935ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...