Astra Linux - уязвимость в linux

In the file drivers/pci/hotplug/rpadlpar/sysfs.c within the Linux kernel up to version 5.11.8, the RPA PCI Hotplug driver suffers a user-tolerable buffer overflow when writing a new device name to the driver from user space. This allows user space to write data directly to the kernel stack frame...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414624 advisory. In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device...

Linux Distros Unpatched Vulnerability : CVE-2025-38639

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 b...

AZL-73488 CVE-2025-38639 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...

CVE-2025-38639

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...

CVE-2025-38639 netfilter: xt_nfacct: don't assume acct name is null-terminated

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...

CVE-2025-38639 netfilter: xt_nfacct: don't assume acct name is null-terminated

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtnfacct: don't assume acct name is null-terminated BUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721 Read of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851 .. string+0x231/0x2b0 lib/vsprintf.c:721...

Linux Distros Unpatched Vulnerability : CVE-2024-42257

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostrpad for svolumename As with the other strings in struct ext4superblock,...

SUSE CVE-2020-24383

An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service...

SUSE CVE-2021-28972

In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because...

DEBIAN-CVE-2021-28972

In drivers/pci/hotplug/rpadlparsysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because...

PT-2021-2511 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.11.8 Description: The issue is related to a user-tolerable buffer overflow in the RPA PCI Hotplug driver when writing a new device name to the driver from userspace, allowing userspace to write data to the kern...

CVE-2020-25107

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful Denial-of-Service, and possibly Remote Code Execution...

kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command

A flaw was found in the Linux kernel's implementation of the Bluetooth Human Interface Device Protocol HIDP. A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the dohidpsockioctl function in net/bluetooth/hidp/sock.c.c. This function can leak...

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1133-1)

Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2010-4342 Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A...

Ubuntu: Security Advisory (USN-1133-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1133-1: Linux kernel vulnerabilities

Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. A local attacker could send specially crafted traffic to crash the system, leading to a denial of service. CVE-2010-4342 Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A...