Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Added an addpages override for PPC. With the commit ffa0b64e3be5 “powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit”, the kernel now validates the addr against the highmemory value. This results in the...

SUSE SLED15: grub2 / grub2-arm64-efi / grub2-arm64-efi-debug / etc (SUSE-SU-2025:4196-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4196-1 advisory. - CVE-2025-54770: Fixed missing unregister call for netsetvlan command may lead to use-after-fre...

DEBIAN-CVE-2025-38088

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region si...

UBUNTU-CVE-2023-53097

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

SUSE CVE-2021-47632

In the Linux kernel, the following vulnerability has been resolved: powerpc/setmemory: Avoid spinlock recursion in changepageattr Commit 1f9ad21c3b38 "powerpc/mm: Implement setmemory routines" included a spinlock to changepageattr in order to safely perform the three step operations. But then...

UBUNTU-CVE-2022-49666

In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Add addpages override for PPC With commit ffa0b64e3be5 "powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit" the kernel now validate the addr against highmemory value. This results in the below BUGON with da...

CVE-2022-49666

CVE-2022-49666 concerns the Linux kernel, specifically the powerpc/memhotplug path. The issue arises from an add_pages override for PPC, where the kernel began validating addresses against high_memory after commit ffa0b64e3be5 (powerpc: Fix virt_addr_valid() for 64-bit). This leads to a BUG_ON in...

CVE-2024-56678

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm/fault: Fix kfence page fault reporting copyfromkernelnofault can be called when doing read of /proc/kcore. /proc/kcore can have some unmapped kfence objects which when read via copyfromkernelnofault can cause page...

CVE-2023-52607 powerpc/mm: Fix null-pointer dereference in pgtable_cache_add

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtablecacheadd kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...

kernel: powerpc: RTAS calls can be used to compromise kernel integrity

A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further increase their privileges to...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2019-12817

arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are affected...

USN-3084-2 linux-lts-xenial vulnerabilities

USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A...

USN-3070-3 linux-snapdragon vulnerabilities

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. CVE-2016-1237 Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacke...