923 matches found
PT-2026-45990
Name of the Vulnerable Software and Affected Versions Mercusys AC12G EU V1 version AC12GEU V1 200909 Description The UPnP GetStatusInfo action discloses kernel memory layout. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, which reveals the kernel...
CVE-2026-36602
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...
PT-2026-46013
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description On MIPS architecture, the current thread info is defined as a global register variable located in $gp and is assigned a new address during kernel relocation. A bug in LLVM causes it to...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an incorrect recovery of the gp value when the LLVM compiler in the MIPS architecture is used as a glob...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: - For MIPS architecture: In mipscpcdefaultphysbase, a refcount leak was fixed. - The function ofnodeput was added to release the refcount incremented by offindcompatiblenode...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: MIPS: Cavium-Octeon: The issue of missing nodeput in octeon2usbclocksstart has been fixed. We should call nodeput for the reference uctlnode returned by ofgetparent, as this will increase the refcount. Otherwise, there will be a...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: MIPS: smp: fill in sibling and core maps earlier After enabling CONFIGSCHEDCORE landed during 5.14 cycle, 2-core 2-thread-per-core interAptiv CPS-driven started emitting the following messages: 0.025698 CPU1 revision is:...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: mips: ralink: fixed a reference count leak in illaccofsetup. ofnodeputnp needs to be called when pdev == NULL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mips: cdmm: Fixed the refcount leak in mipscdmmphysbase. The offindcompatiblenode function returns a node pointer with the refcount incremented. We should use ofnodeput on it after processing. Also, add the missing ofnodeput to...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: mips: bmips: BCM6358: disabled RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass an empty environment variable. fwgetenv will use the environment variable entry to determine the style of the environment variables. However, it is legal for the firmware to simply pass an empty...
Astra Linux – Vulnerability in binutils
A issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in the processmipsspecific function in readelf.c, due to a malformed MIPS option section...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: MIPS: vpe-mt: fixed a possible memory leak when the module exits. After committing 1fa5ae857bb1 “driver core: removed the struct device’s busid string array”, the name of the device is allocated dynamically. This allocation needs...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fixed a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warning similar to the following, while we display /proc/cpuinfo. This...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: MIPS: pgalloc: fixed a memory leak caused by pgdfree The pgd page is freed by the generic implementation pgdfree since commit f9cb654cb550 „asm-generic: pgalloc: provides a generic pgdfree”, however, there are scenarios in which...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix for NULL pointer dereferencing After committing change 45c7e8af4a5e3f0bea4ac209 “MIPS: Remove KVMTE support”, we encountered a NULL pointer dereferencing issue when creating a KVM guest: 146.243409 Starting KVM wit...
Ubuntu 24.04 LTS / 25.10 : Linux kernel vulnerabilities (USN-8245-1)
"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8245-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify...
Ubuntu 25.10 : Linux kernel (Raspberry Pi) vulnerabilities (USN-8257-1)
"The remote Ubuntu 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8257-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signatur...
USN-8260-1 linux-azure-fips vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
USN-8257-1: Linux kernel (Raspberry Pi) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...