Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Follow the approach used in other DMA-enabled MMC host drivers see host/mmci.c, and limit the maximum segment size based on the capabilities of the DMA engine. This is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access The commit 4d0c8d0aef63 “mmc: core: Use mrq.sbc in close-ended ffu” assigns previdata = idatasi - 1, but does not check that the iterator i is greater than zero. We will fix this ...

Ubuntu 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the extension failing to safely process untrusted client input of an attacker-controlled cookie directly to PHP's unserialize. A remote, unauthenticated attacker can supply a crafted serialized...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: omaphsmmc: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, it will cause two issues: 1. The memory allocated in mmcallochost may be leaked. 2. In the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Fixed a kernel panic that occurred when removing a non-standard SDIO card. The SDIO tuple is only allocated for standard SDIO cards. Non-standard SDIO cards can cause memory corruption issues when they are removed. Thi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300 – Fixed the return value check in mmcaddhost. If we ignore the return value of mmcaddhost, the memory allocated in mmcallochost may be leaked, leading to a kernel crash due to the removal of devices that were not...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021542)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021542 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: rtsxpci: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its...

CVE-2026-43484

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid bitfield RMW for claim/retune flags Move claimed and retune control flags out of the bitfield word to avoid unrelated RMW side effects in asynchronous contexts. The host-claimed bit shared a word with retune flag...

PT-2026-40691

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mmc core where the host-claimed bit shares a word with retune flags. This configuration leads to Read-Modify-Write RMW side effects in asynchronous contexts...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-msm: pervent access to suspended controller The generic sdhci code registers the LED device and uses the host-runtimesuspended flag to protect access to it. The sdhci-msm driver does not set this flag, which results in...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: mxcmmc: Fix the return value check in mmcaddhost. mmcaddhost may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the removal of devices...

Astra Linux – Vulnerability in Linux, Linux 5.10

In mmcblkreadsingle of block.c, there is a way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card triggers errors, without requiring additional execution privileges. User interaction is not required for exploitation...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: sunplus: fixed the return value check in mmcaddhost The mmcaddhost function may return an error if we ignore its return value. As a result: 1. The memory allocated in mmcallochost will be leaked. 2. A null-ptr-deref...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: via-sdmmc: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, it will cause two issues: 1. The memory allocated in the mmcallochost function may be leake...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: wmt-sdmmc: Fix the return value check in mmcaddhost. The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevents the transmitted data size from exceeding the length of sgm. No check is performed on the size of the data to be transmitted. This can lead to a kernel panic when the transmitted data size exceeds the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: atmel-mci: fixed the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, it will cause two issues: 1. The memory allocated in mmcallochost may be leaked. 2. In the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: mmcspi: fixed error handling in mmcspiprobe If mmcaddhost fails, there is no need to call mmcremovehost; otherwise, it may cause a null-ptr-deref issue, due to deleting a device that was not properly added in mmcremovehost. ...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: moxart: Fix the return value check in mmcaddhost The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the remova...