Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - net: dsa: felix: do not use devres for mdiobus. As explained in the commits: - 74b6d7d13307: “net: dsa: realtek: register the MDIO bus using devres”. - 5135e96a3dd2: “net: dsa: do not allocate the slavemiibus using devres”...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: netsec: fixed error handling in netsecregistermdio. If phydeviceregister fails, phydevicefree must be called to reset the reference count; thus, the memory associated with the phy device and its name can be freed in the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a fre...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported a memory leak in the MDIO bus interface. The problem lay in incorrect state logic. The MDIOBUSALLOCATED state indicates two possible statuses: 1. The bus is only allocated. 2. The bus is...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, for the dsa module, in the mv88e6xxx code path, there was a issue with the refcount leak in the mv88e6xxxmdiosregister function. The ofgetchildbyname function returns a node pointer whose refcount is...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fixed an undefined behavior in bit shifting for mdiobusregister. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning appears as follows:...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Fixed an unbalanced fwnode reference count in mdiodevicerelease. There is a warning report regarding a refcount leak when probing the mdio device: OF: Error: Memory leak; the expected refcount was 1 instead of 2. The...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: dsa: Fixed possible memory leaks in dsaloopinit. kmemleak: Reported memory leaks in dsaloopinit: kmemleak: 12 new suspected memory leaks. Unreferenced object 0xffff8880138ce000 size 2048: comm "modprobe", pid 390, jiffies...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe process and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Do not use devres for mdiobus As explained in the commits: 74b6d7d13307 “net: dsa: realtek: Register the MDIO bus under devres” 5135e96a3dd2 “net: dsa: Do not allocate the slavemiibus using devres” The...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013339 advisory. In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asixmdioread asixreadcmd may read less than sizeofsmsr bytes and in thi...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011018 advisory. In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007371 advisory. In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006675)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006675 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdiodevicerelease There is warning report abo...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004863)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004863 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value b...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38111)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38111 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of- bound...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38110)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38110 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of- bound...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001140)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001140 advisory. The unimacmdioprobe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003731 advisory. The unimacmdioprobe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003533)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003533 advisory. The unimacmdioprobe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows...