MAL-2026-4434 Malicious code in @semacode/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28a3662b8e26593b7bfec35d4d4f02595144885ee738891c4c9e6a89f9e50fbb The bundled CLI dist/index.js contains a hardcoded outbound POST to https://sema.otimitare.online combined with reads of process.env and...

Malicious code in @semacode/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28a3662b8e26593b7bfec35d4d4f02595144885ee738891c4c9e6a89f9e50fbb The bundled CLI dist/index.js contains a hardcoded outbound POST to https://sema.otimitare.online combined with reads of process.env and...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: EDAC/qcom: Do not pass llccdrivdata as edacdevicectlinfo’s pvtinfo. The memory for llccdrivdata is allocated by the LLCC driver. However, when it is passed as private driver information to the EDAC core, it will be freed during t...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Media: ts2020: Fix for nullptrderef in ts2020probe KASAN reported a nullptrderef issue when executing the following command: bash echo ts2020 0x20 /sys/bus/i2c/devices/i2c-0/newdevice KASAN: Nullptrderef in range...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: media: iris: Added missing platform data entries for SM8750. Two platform-data fields for SM8750 were omitted: - getvpubuffersize = irisvpu33bufsize Without this field, the driver fails to allocate the required internal buffer...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: lgdt3306a: A check against a null-pointer-def was added. The driver should check whether the client provides the platformdata. The following log reveals this: 29.610324 BUG: KASAN: nullptrderef in kmemdup+0x30/0x40 29.6107...

SUSE CVE-2022-48750

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fix crash in clearcaseopen Paweł Marciniak reports the following crash, observed when clearing the chassis intrusion alarm. BUG: kernel NULL pointer dereference, address: 0000000000000028 PGD 0 P4D 0 Oops: 0000 1...

Linux Distros Unpatched Vulnerability : CVE-2026-43235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM875...

CVE-2026-43235

A flaw was found in the iris media driver within the Linux kernel. Missing platform data entries for the SM8750 component prevent the driver from allocating necessary internal buffers. This can lead to failures in basic video decoding and encoding operations, effectively causing a Denial of Servi...

CVE-2026-43259

CVE-2026-43259 affects the Linux kernel in the phy: fsl-imx8mq-usb driver. The vulnerability arises from missing platform_set_drvdata(), with data intended for use in remove(). The fixed code adds the missing platform_set_drvdata() call in the driver. Impact, as per the CVE details, is consistent...

CVE-2026-43259

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...

CVE-2026-43235 media: iris: Add missing platform data entries for SM8750

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - getvpubuffersize = irisvpu33bufsize Without this, the driver fails to allocate the required internal buffers, leading to...

CVE-2026-43235

Summary: CVE-2026-43235 affects the Linux kernel iris media driver for SM8750. The vulnerability arises from two missing platform-data entries in the iris driver, which prevents proper internal buffer allocation and incomplete capability checks. What’s affected: Linux kernel/iris media driver (SM...

CVE-2026-43235

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - getvpubuffersize = irisvpu33bufsize Without this, the driver fails to allocate the required internal buffers, leading to...

CVE-2026-43235

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - getvpubuffersize = irisvpu33bufsize Without this, the driver fails to allocate the required internal buffers, leading to...

PT-2026-37575

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - get vpu buffer size = iris vpu33 buf size Without this, the driver fails to allocate the required internal buffers,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: nct6775 Fixed the crash in clearcaseopen. Paweł Marciniak reported the following crash, which occurred when clearing the chassis intrusion alarm. Bug: NULL pointer dereferencing in the kernel; address: 0000000000000028. PG...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/dwcpcie: fix duplicate pcidev devices During platformdeviceregister, wrongly using struct device pcidev as platformdata caused a kmemdup copy of pcidev. Worse still, accessing the duplicated device leads to list corruption a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf: arm-ni: Fix missing platformsetdrvdata Add missing platformsetdrvdata in armniprobe, otherwise calling platformgetdrvdata in remove returns NULL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fixed SGI cleanup issues when unbinding is performed. The driver incorrectly determines whether an interrupt is an SGI or SPI interrupt by checking if the IRQ number is less than 16. This issue occurs with...