Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek – Fixed the omission of ofnodeput in mt2701wm8960machineprobe. This node pointer is returned by ofparsephandle, and the reference count is incremented in this function. Calling ofnodeput was performed to avoid the...

CVE-2023-54075

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989088)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989088 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix missing ofnodeput in mt2701wm8960machineprobe This node pointer is returned b...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986982)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986982 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173max98090devprobe Call ofnodeputplatformnode to avoid...

CVE-2025-38299 ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY()

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMPDUMMY ETDM2INBE and ETDM1OUTBE are defined as COMPEMPTY, in the case the codec dainame will be null. Avoid a crash if the device tree is not assigning a codec to these links...

DEBIAN-CVE-2022-49514

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173max98090devprobe Call ofnodeputplatformnode to avoid refcount leak in the error path...

CVE-2022-49161

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8183da7219max98357devprobe The devicenode pointer is returned by ofparsephandle with refcount incremented. We should use ofnodeput on it when done. This function only calls ofnodeput in the...

CVE-2024-56685

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Check numcodecs is not zero to avoid panic during probe Following commit 13f58267cda3 "ASoC: soc.h: don't create dummy Component via COMPDUMMY", COMPDUMMY became an array with zero length, and only gets populated...

USN-6949-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6952-2)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6952-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

USN-6955-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6955-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6955-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

USN-6952-1: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to...

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6952-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6952-1 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-6949-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6949-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6819-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-4 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

SUSE CVE-2024-38551

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the cod...

USN-6818-4: Linux kernel (HWE) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 It was...

Ubuntu 22.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-6818-3)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-3 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

USN-6819-3: Linux kernel (OEM) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...