Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Netwerk: Ethernet: mtkethsoc: fixed SER panic with 4GB+ RAM If the mtkpollrx function detects the MTKRESETTING flag, it will jump to releasedesc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtkrxclean will...

EUVD-2017-12337

Malware in sbrugna...

CVE-2025-37935

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix SER panic with 4GB+ RAM If the mtkpollrx function detects the MTKRESETTING flag, it will jump to releasedesc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtkrxclean will process ...

DEBIAN-CVE-2025-37935

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix SER panic with 4GB+ RAM If the mtkpollrx function detects the MTKRESETTING flag, it will jump to releasedesc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtkrxclean will process ...

UBUNTU-CVE-2025-37935

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix SER panic with 4GB+ RAM If the mtkpollrx function detects the MTKRESETTING flag, it will jump to releasedesc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtkrxclean will process ...

CVE-2025-37935

CVE-2025-37935 affects the Linux kernel MTK ethernet driver (mtk_eth_soc). The issue arises when mtk_poll_rx() sees MTK_RESETTING and jumps to release_desc to refill the SDP high word on 4GB RAM, causing mtk_rx_clean to process an incorrect SDP and trigger a panic. A patch from MediaTek’s SDK fix...

DEBIAN-CVE-2024-27432

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mtkppestop function, the PPE scan mode is not disabled before disabling the PPE. This can potentially le...

Authentication flaw

WiMAX routers based on the MediaTek SDK libmtk that use a custom httpd plugin are vulnerable to an authentication bypass allowing a remote, unauthenticated attacker to gain administrator access to the device by performing an administrator password change on the device via a crafted POST request...

CVE-2017-3216

CVE-2017-3216 affects WiMAX routers that use MediaTek libmtk httpd plugin and a customized commit2.cgi. A crafted POST request (ADMIN_PASSWD) can bypass authentication and let an unauthenticated attacker change the administrator password, gaining admin access and potentially full control of the d...

WiMAX CPE Authentication Bypass Vulnerability

Various WiMAX CPEs are vulnerable to an authentication bypass. An attacker can set arbitrary configuration values without prior authentication. The vulnerability is located in commit2.cgi implemented in libmtkhttpdplugin.so. title: Various WiMAX CPEs Authentication Bypass product: see "Vulnerable...