914 matches found
Siemens SCALANCE and RUGGEDCOM Devices Use After Free (CVE-2024-50269)
usb: musb: sunxi: accessing an released usb phy will cause that usb phy @glue-xceiv is accessed after released. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
SUSE CVE-2025-40118
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
EUVD-2025-124965
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
CVE-2025-40118
CVE-2025-40118 is a Linux kernel vulnerability in the SCSI subsystem (pm80xx/pm8001) where rmmod could trigger an UBSAN array-index-out-of-bounds. The issue occurs when a device behind an expander has an attached_phy value that can exceed the local pm8001 PHY count, causing code to index pm8001_h...
CVE-2025-40120 net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend by default, so disabling it via the usbdriver flag is ineffective. O...
CVE-2025-40118 scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990805)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990805 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: initialize struct pn533outarg properly struct pn533outarg used as a temporary context...
kernel: net: phy: mscc: Fix memory leak when using one step timestamping
In the Linux kernel, the following vulnerability has been resolved: net: phy: mscc: Fix memory leak when using one step timestamping Fix memory leak when running one-step timestamping. When running one-step sync timestamping, the HW is configured to insert the TX time into the frame, so there is ...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990615)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990615 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobusgetphy The caller may pass any value as addr, what m...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988868)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988868 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present i...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989737)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989737 advisory. In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 phylib: Add device reset GPIO support...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989731)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989731 advisory. In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp-phy8' may be out of bound In line 5001, if...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990236)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990236 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobusgetphy The caller may pass any value as addr, what m...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989835)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989835 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsitransportsas: Fix error handling in sasphyadd If transportadddevice fails in sasphyadd,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990175)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990175 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: micrel: Allow probing without .driverdata Currently, if the .probe element is present i...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989728)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989728 advisory. In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fix possible memory leaks in dsaloopinit kmemleak reported memory leaks in dsaloopinit:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989082)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989082 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: ti: Fix missing sentinel for clkdivtable gettablemaxdiv tries to access clkdivtable array ou...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988706)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988706 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fix some resource leaks in mtkphyinit Use clkdisableunprepare in the error pat...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989334)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989334 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobusgetphy The caller may pass any value as addr, what m...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988739)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988739 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ethernet: stmmac: fix altrtsepcs function when using a fixed-link When using a fixed-link, t...