252 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERFHESSTOPPED flag checking in riscvpmustart Since commit 096b52fd2bb4 "perf: RISC-V: throttle perf events", the perfsampleeventtook function was added to report time spent in overflow interrupts. If the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf: RISCV: Fix for panic occurring in the pmu overflow handler 1 idx of int is not desired when setting bits in unsigned long overflowctrs; use BIT instead. This panic occurs when running ‘perf record -e branches’ on sophgo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fixed NULL pointer access and potential loss of PEBS records When the intelpmudrainpebsicl function is called to drain PEBS records, the perfeventoverflow function might be called to process the last PEBS record. The...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fixed the hotplug callback leak in armsmmupmuinit. armsmmupmuinit does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be removed by cpuhpremovemultistate in...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nvdimm: The memory pointed to by ndpmu-pmu.attrgroups is allocated in the function registernvdimmpmu, and it is lost after the kfreendpmu call in the function unregisternvdimmpmu...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/x86: Fixed the potential issue with bad containerof in intelpmuhwconfig. The auto counter reload may involve a group of events, some of which are software-related. The software event related to the PMU is not equivalent t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/paprscm: Do not request stats with a stats buffer of size “0”. Sachin reported 1 that on a POWER-10 lpar, he is encountering a kernel panic when the paprscm probe is called. The panic occurs as follows and is only observe...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fixed the use of a mutex in the IRQs-disabled section. The current imc-pmu code triggers a warning when CONFIGDEBUGATOMICSLEEP is enabled and CONFIGPROVELOCKING is also enabled, while a threadimc event is running...
PT-2026-34433
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bound memory access can occur in the x86 pmu del function when group sched in fails and requires a rollback. This happens because the inherit function uses event-pmu to clone...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect PMU context used by the perf event group, potentially leading to out-of-bound memor...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010896)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010896 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhpstateremoveinstancenocalls for hisihns3pmu uninit process When teari...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011049)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011049 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in armsmmupmuinit armsmmupmuinit won't remove the callback...
CVE-2026-23435
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...
CVE-2026-23435
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...
CVE-2026-23435
The CVE-2026-23435 entries describe a Linux kernel PMU/X86 perf vulnerability that was resolved. The root cause was a commit that moved cpuc->events[idx] assignment out of x86_pmu_start() into step 2 of x86_pmu_enable(), after PERF_HES_ARCH checks. This could allow a path that calls pmu->st...
CVE-2026-23435 perf/x86: Move event pointer setup earlier in x86_pmu_enable()
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...
CVE-2026-23435
In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001011)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001011 advisory. kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to t...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000705)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000705 advisory. arch/arm64/kernel/perfevent.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service invalid pointer...
CVE-2025-68798
A race condition flaw was found in the Linux kernel's AMD performance monitoring unit PMU code. A subtle timing window exists between NMI-triggered throttling which clears an event pointer and amdpmuenableall which dereferences it. This can result in a NULL pointer dereference and kernel crash on...