77 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Problem description =================== Lockdep reports a possible circular locking dependency AB/BA between &pl-statemutex and &phy-lock, as follows: phylinkresolve // acquires &pl-statemutex - phylinkmajorconfig - phyconfiginba...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: phy: allowing MDIO bus PM operations to initiate/stop the state machine for phylink-controlled PHYs. DSA has two types of drivers: 1. Those that call dsaswitchsuspend and dsaswitchresume from their device’s PM operations:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: phylink: added a lock to serialize concurrent pl-phydev writes with resolver. Currently, phylinkresolve protects itself against concurrent calls to phylinkbringupPhyio or phylinkdisconnectPhyio that modify pl-phydev by relyi...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of servicetask and into open/close The fbnic driver was experiencing the following locking assertion when executing PM resume: 42.208116 T164 RTNL: assertion failed at drivers/net/phy/phylink.c 2611...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload Move am65cpswnussphylinkcleanup call to after am65cpswnusscleanupndev so phylink is still valid to prevent the below Segmentation fault on module remove when...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: In the net: phy section, phydev-devlink should be cleared when the device link is deleted. There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phydetach calls...
kernel security update
An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
RLSA-2026:0453 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: multitouch: fix slab out-of-bounds access in mtreportfixup CVE-2025-39806 kernel: audit: fix out-of-bounds read in auditcomparednamepath CVE-2025-39840 kernel: mm: slub: avoid wake u...
RHEL 10 : kernel (RHSA-2026:0453)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0453 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: multitouch: fix slab...
Oracle Linux 10 : kernel (ELSA-2026-0453)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0453 advisory. - usb: dwc3: Fix race condition between concurrent dwc3removerequests call paths CKI Backport Bot RHEL-137150 CVE-2025-68287 - drm/vmwgfx: Validate...
kernel: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
A flaw was found in the Linux kernel’s phylink subsystem: when phylinkresolve executes while pl-statemutex is held, it may acquire pl-phydev-lock out of order relative to other paths phylinkbringupphy or phylinkdisconnectphy that acquire pl-phydev-lock prior to pl-statemutex. This lock inversion...
ALSA-2026:0453 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: multitouch: fix slab out-of-bounds access in mtreportfixup CVE-2025-39806 kernel: audit: fix out-of-bounds read in auditcomparednamepath CVE-2025-39840 kernel: mm: slub: avoid wake u...
OPENSUSE-SU-2025:20172-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...
net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY
...
EUVD-2025-31836
A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacted is an unknown function of the file /edit. Executing manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This patch is called...
EUVD-2025-31846
A weakness has been identified in itsourcecode Student Transcript Processing System 1.0. Affected is an unknown function of the file /login.php. Executing manipulation of the argument uname can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made availabl...
Linux Distros Unpatched Vulnerability : CVE-2025-39915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phy: transfer phyconfiginband locking responsibility to phylink Problem description =================== Lockdep reports a possible circular locking...
Linux Distros Unpatched Vulnerability : CVE-2025-39905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phylink: add lock for serializing concurrent pl-phydev writes with resolver Currently phylinkresolve protects itself against concurrent phylinkbringupphy o...
EUVD-2025-12934
Malicious code in bioql PyPI...