21 matches found
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...
CVE-2025-71235 affecting package kernel for versions less than 5.15.202.1-1
CVE-2025-71235 affecting package kernel for versions less than 5.15.202.1-1. An upgraded version of the package is available that resolves this issue...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-107 (ALASKERNEL-5.10-2025-107)
The version of kernel installed on the remote host is prior to 5.10.244-240.970. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-107 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling...
Exploit for CVE-2025-39866
CVE-2025-39866 - use-after-free Author: Byte Reaper...
AZL-66833 CVE-2025-38714 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read The hfsplus_bnode_read method can trigger the issue: 174.852007 T9784 ================================================================== 174.852709 T9784 BUG: KASAN:...
Linux Distros Unpatched Vulnerability : CVE-2025-38158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after...
CVE-2025-38227 affecting package kernel for versions less than 6.6.96.1-1
CVE-2025-38227 affecting package kernel for versions less than 6.6.96.1-1. A patched version of the package is available...
SUSE CVE-2025-38158
In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...
AZL-64613 CVE-2025-38158 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest kernel-mode encryption services failure. Comparing the definition of hardware registers, we found that the...
PT-2025-27743
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the hisi acc vfio pci module, where the dma addresses of EQE and AEQE are incorrect after migration, resulting in...
AZL-54595 CVE-2024-53099 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link->type in bpf_link_show_fdinfo If a newly-added link type doesn't invoke BPF_LINK_TYPE, accessing bpf_link_type_strs[link->type] may result in an out-of-bounds access. To spot such missed invocations early in the...
AZL-59267 CVE-2024-26811 affecting package kernel for versions less than 6.6.82.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. ksmbd should validate payload size of ipc response from ksmbd.mountd to avoid...
SUSE CVE-2007-1000
The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference...
PT-2022-36210 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.79 Description: The issue is related to the addition of a sentinel to the quirks table in the Ralink MT7621-PCI driver. The actual impact and attack plausibility have not yet been proven. Recommendations:...
kernel: Race condition in sound system can lead to denial of service
In the Linux kernel versions 4.12, 3.10, 2.6, and possibly earlier, a race condition vulnerability exists in the sound system allowing for a potential deadlock and memory corruption due to use-after-free condition and thus denial of service. Due to the nature of the flaw, privilege escalation...
Multiple Vulnerabilities in Sprecher Automation SPRECON-E-C, PU-2433
Sprecher Automation GmbH provides switchgear and automation solutions for energy, industry and infrastructure development, among others. Power utilities, industry, transportation companies, municipal utilities and public institutions are among its customers. 1 An authentication path traversal...
Linux kernel local denial of service vulnerability (CNVD-2017-33100)
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the 'imon_probe' function in the drivers/media/rc/imon.c file in Linux kernel 4.13.11 and earlier versions. A local attacker c...
NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel
======= Summary ======= Name: Symantec Messaging Gateway - SSH with backdoor user account + privilege escalation to root due to very old Kernel Release Date: 30 November 2012 Reference: NGS00267 Discoverer: Ben Williams [email protected] Vendor: Symantec Vendor Reference: Systems Affecte...
kernel: ipv4: netfilter: arp_tables: fix infoleak to userspace
net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: sctp: crash due to malformed SCTPChunkInit packet
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data...