86 matches found
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: r6040: Fixed the kmemleak in the probe function and removed it. There is a memory leak reported by kmemleak: - Unreferenced object 0xffff888116111000 size 2048: comm “modprobe”, pid 817, jiffies 4294759745 age 76.502s Hex dump...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Do not use devres for mdiobus As explained in the commits: 74b6d7d13307 “net: dsa: realtek: Register the MDIO bus under devres” 5135e96a3dd2 “net: dsa: Do not allocate the slavemiibus using devres” The...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: In the net: dsa: mv88e6xxx module, there is a issue where the mv88e6xxxmdiosregister function causes a reference count leak. The ofgetchildbyname function returns a node pointer with a incremented reference count. Therefore, we...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: - net: dsa: felix: do not use devres for mdiobus. As explained in the commits: - 74b6d7d13307: “net: dsa: realtek: register the MDIO bus using devres”. - 5135e96a3dd2: “net: dsa: do not allocate the slavemiibus using devres”...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported a memory leak in the MDIO bus interface. The problem lay in incorrect state logic. The MDIOBUSALLOCATED state indicates two possible statuses: 1. The bus is only allocated. 2. The bus is...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: mdio: fixed an undefined behavior in bit shifting for mdiobusregister. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning appears as follows:...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init are a bad combination because the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init. Accessing a fre...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004863)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004863 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value b...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38110)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38110 advisory. - In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of- bound...
CVE-2025-71094
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device can return an invalid address = PHYMAXADDR, which causes a warning in...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993042)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993042 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value b...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992302)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992302 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value b...
CVE-2022-50624
The CVE-2022-50624 issue is in the Linux kernel’s netsec: fix error handling in netsec_register_mdio(). The root cause is improper cleanup when phy_device_register() or get_phy_device() fail during MDIO setup, leading to memory and object leaks. The documented fix ensures that: if phy_device_regi...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988951)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988951 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: mdio: fix memory leak Syzbot reported memory leak in MDIO bus interface, the problem was in...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988852)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988852 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990082)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990082 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: unexport init-annotated mdiobusinit EXPORTSYMBOL and init is a bad combination because...
Security update for kernel-livepatch-MICRO-6-0_Update_4
This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...
Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794 CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM...
SUSE-SU-2025:3768-1 Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002342 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987515)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987515 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: don't use devres for mdiobus As explained in commits: 74b6d7d13307 net: dsa:...