Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store the vhost pointer during subcrq allocation Currently, the back pointer from a queue to the vhost adapter is not set until after the subcrq interrupt registration. This value becomes available when a queue is...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003987)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003987 advisory. IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990064)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990064 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup Al reported a possible...

NewStart CGSL MAIN 6.06 : gcc Vulnerability (NS-SA-2025-0227)

The remote NewStart CGSL host, running version MAIN 6.06, has gcc packages installed that are affected by a vulnerability: - The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy...

Linux Distros Unpatched Vulnerability : CVE-2025-21869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Disable KASAN report during patching via temporary mm Erhard reports...

CVE-2023-30438

An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of...

DEBIAN-CVE-2022-49703

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Store vhost pointer during subcrq allocation Currently the back pointer from a queue to the vhost adapter isn't set until after subcrq interrupt registration. The value is available when a queue is first allocated a...

AZL-47991 CVE-2024-41070 affecting package kernel for versions less than 5.15.164.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup Al reported a possible use-after-free UAF in kvmspaprtceattachiommugroup. It looks up stt from tablefd, but then continues to use it after doing fdput on the returne...

UBUNTU-CVE-2024-41070

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvmspaprtceattachiommugroup Al reported a possible use-after-free UAF in kvmspaprtceattachiommugroup. It looks up stt from tablefd, but then continues to use it after doing fdput on the returne...

CVE-2022-22445

An attacker that gains service access to the FSP POWER9 only or gains admin authority to a partition can compromise partition firmware...

IBM OPENBMC OP910 信息泄露漏洞

IBM OPENBMC OP910 is a POWER8 and POWER9 emulator from International Business Machines Corporation IBM.IBM OPENBMC OP920, OP930 and OP940 have a security vulnerability that could be exploited by an unauthenticated attacker to gain access to sensitive information...

DEBIAN-CVE-2020-4788

IBM Power9 AIX 7.1, 7.2, and VIOS 3.1 processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296...

gcc: POWER9 "DARN" RNG intrinsic produces repeated output

The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...

gcc: POWER9 "DARN" RNG intrinsic produces repeated output

The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...