Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained format strings where the dynamic parts are just some hexadecimal numbers or similar elements. However,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005145)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005145 advisory. In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructe...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-387199)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387199 advisory. In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Block path traversal Most firmware names are hardcoded strings, or are constructe...

CVE-2024-47742

CVE-2024-47742 : Linux kernel firmware_loader path traversal vulnerability. Several code paths construct firmware filenames from device or userspace data (e.g., lpfc_sli4_request_firmware_update, nfp_net_fw_find, module_flash_fw_schedule). The issue arises when dynamic firmware names can include ...