3271 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: A memory leak was fixed by using debugfslookup. When calling debugfslookup, the result must also contain a call to dput. Otherwise, a memory leak will occur over time. To simplify things, simply call...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fixed the null-pointer dereference in pgtablecacheadd. kasprintf returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by checking th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtasflash: allows user copy to flash block cache objects With hardened usercopy enabled CONFIGHARDENEDUSERCOPY=y, using the /proc/powerpc/rtas/firmwareupdate interface to prepare a system firmware update results in a BUG:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: A null pointer check was added in opalpowercapinit. The kasprintf function returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some parts of the fp/vmx code in sstep.c assume a certain maximum size for the instructions being emulated. However, the size of these operations is determined separately in the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fixed access beyond the end of the drmem array The dlparmemoryremovebyindex function may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC index...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fixed the hard lockup that occurred due to vmap stack overflow. Since the commit c118c7303ad5 “powerpc/32: Fixed vmap stack – Do not activate the MMU before reading the task struct”, a vmap stack overflow would result...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: srcu: Delegating tasks to the booting CPU when using SRCUSIZESMALL. The commit 994f706872e6 “srcu: Making the Tree SRCU capable of operating without the snpnode array” assumes that CPU 0 is always online. However, there are...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Added ofnodeput in iommuinitearlydart. The devicenode pointer is returned by offindcompatiblenode, and its reference count is incremented. We should use ofnodeput to avoid the reference count leak...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: The issue related to ref-counting on the PMU “vpapmu” has been fixed. Commit 176cda0619b6 “powerpc/perf: Add a perf interface to expose vpa counters” introduced “vpapmu” to expose the Book3s-HV nested APIv2. This...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/secvar: A refcount leak has been fixed in formatshow. A refcount leak occurs when formatshow returns an error in multiple cases. Unified management of ofnodeput can fix this issue...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Fixed the crash caused by the scv instruction with kexec. Kexec on pseries disables AIL reloconexc, which is required for supporting scv instructions. This happens before other CPUs have been shut down. This mean...
Astra Linux – Vulnerability in Linux
The file “arch/powerpc/kvm/book3srtas.c” in the Linux kernel, as of version 5.13.5 on the powerpc platform, allows KVM guest OS users to cause memory corruption in the host OS through “rtasargs.nargs”, also known as CID-f62f3c20647e...
Astra Linux – Vulnerability in Linux, Linux 5.10
A issue was discovered in the Linux kernel for PowerPC before version 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to a bug in the implementation of arch/powerpc/kvm/book3shvrmhandlers.S, which handles the values of the SRR1 register...
SUSE CVE-2026-43416
In the Linux kernel, the following vulnerability has been resolved: powerpc, perf: Check that current-mm is alive before getting user callchain It may happen that mm is already released, which leads to kernel panic. This adds the NULL check for current-mm, similarly to commit 20afc60f892d "x86,...
Ubuntu 25.10 : Linux kernel (Raspberry Pi) vulnerabilities (USN-8257-1)
"The remote Ubuntu 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8257-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signatur...
Ubuntu 24.04 LTS / 25.10 : Linux kernel vulnerabilities (USN-8245-1)
"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8245-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify...
EUVD-2026-28722
In the Linux kernel, the following vulnerability has been resolved: powerpc, perf: Check that current-mm is alive before getting user callchain It may happen that mm is already released, which leads to kernel panic. This adds the NULL check for current-mm, similarly to commit 20afc60f892d "x86,...
CVE-2026-43416
In the Linux kernel, the following vulnerability has been resolved: powerpc, perf: Check that current-mm is alive before getting user callchain It may happen that mm is already released, which leads to kernel panic. This adds the NULL check for current-mm, similarly to commit 20afc60f892d "x86,...