Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: igb: A potential invalid memory access issue has been fixed in igbinitmodule. The pciregisterdriver function may fail. When this occurs, the dcanotifier needs to be unregistered. Otherwise, the dcanotifier can be called when igb...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fixed error handling in enainit. The enainit function no longer destroys the workqueue created by createsinglethreadworkqueue when pciregisterdriver fails. Instead, call destroyworkqueue when pciregisterdriver fails to...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992812)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992812 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix error handling in enainit The enainit won't destroy workqueue created by...

CVE-2022-50850 scsi: ipr: Fix WARNING in ipr_init()

In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in iprinit iprinit will not call unregisterrebootnotifier when pciregisterdriver fails, which causes a WARNING. Call unregisterrebootnotifier when pciregisterdriver fails. notifier callback iprhalt ipr...

PT-2025-53968

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc1-00190-g39508d23b672 Description The Linux kernel contains an issue in the ipr init function within the SCSI subsystem. Specifically, ipr init does not call unregister reboot notifier when pci register...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to unregister the reboot notifier when pciregisterdriver fails, which could result in a kernel...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990790 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix error handling in enainit The enainit won't destroy workqueue created by...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988713)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988713 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavfinitmodule The iavfinitmodule won't destroy workqueue when...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986871 advisory. In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavfinitmodule The iavfinitmodule won't destroy workqueue when...

PT-2025-18530 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns error handling in the ena init function. Specifically, when pci register driver fails, ena init does not destroy the workqueue created by create singlethread...

DEBIAN-CVE-2024-52332

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igbinitmodule The pciregisterdriver can fail and when this happened, the dcanotifier needs to be unregistered, otherwise the dcanotifier can be called when igb fails to install, resulti...

UBUNTU-CVE-2024-52332

In the Linux kernel, the following vulnerability has been resolved: igb: Fix potential invalid memory access in igbinitmodule The pciregisterdriver can fail and when this happened, the dcanotifier needs to be unregistered, otherwise the dcanotifier can be called when igb fails to install, resulti...

DEBIAN-CVE-2022-49027

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavfinitmodule The iavfinitmodule won't destroy workqueue when pciregisterdriver failed. Call destroyworkqueue when pciregisterdriver failed to prevent the resource leak. Similar to the handling of...

CVE-2022-49028 ixgbevf: Fix resource leak in ixgbevf_init_module()

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: Fix resource leak in ixgbevfinitmodule ixgbevfinitmodule won't destroy the workqueue created by createsinglethreadworkqueue when pciregisterdriver failed. Add destroyworkqueue in fail path to prevent the resource leak...

Fedora 20 : xen-4.3.4-6.fc20 (2015-9965)

Heap overflow in QEMU PCNET controller, allowing guest-host escape XSA-135, CVE-2015-3209 1230537 GNTTABOPswapgrantref operation misbehavior XSA-134, CVE-2015-4163 vulnerability in the iret hypercall handler XSA-136, CVE-2015-4164 Potential unintended writes to host MSI message data field via qem...

Fedora 21 : xen-4.4.2-5.fc21 (2015-9466)

Potential unintended writes to host MSI message data field via qemu XSA-128, CVE-2015-4103, PCI MSI mask bits inadvertently exposed to guests XSA-129, CVE-2015-4104, Guest triggerable qemu MSI-X pass-through error messages XSA-130, CVE-2015-4105, Unmediated PCI register access in qemu XSA-131,...

Citrix XenServer Multiple Security Updates (CTX201145)

A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to crash the host. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.5 Service Pack 1...

Unmediated PCI register access in qemu

ISSUE DESCRIPTION Qemu allows guests to not only read, but also write all parts of the PCI config space but not extended config space of passed through PCI devices not explicitly dealt with for partial emulation purposes. IMPACT Since the effect depends on the specific purpose of the the config...

Non-maskable interrupts triggerable by guests

ISSUE DESCRIPTION Guests are currently permitted to modify all of the writable bits in the PCI command register of devices passed through to them. This in particular allows them to disable memory and I/O decoding on the device unless the device is an SR-IOV virtual function, in which case...

CVE-2009-1914

The pciregisteriommuregion function in arch/sparc/kernel/pcicommon.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service system crash by reading the /proc/iomem file, related to uninitialized pointers and the requestresource function...