39 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Firewire: ohci: prevents leakage of leftover IRQs when unbinding The commit 5a95f1ded28691e6 “Firewire: ohci: uses a devres for the requested IRQ” also removed the call to freeirq in pciremove. This resulted in a leftover IRQ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In the bcm module, there was a issue where bo-bcmprocread was cleared after the removeprocentry function was called. The syzbot tool reported a warning in the bcmrelease function. The fix addressed another warning that occurs whe...
kernel: proc: fix UAF in proc_get_inode()
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
SUSE CVE-2026-31403
In the Linux kernel, the following vulnerability has been resolved: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd The /proc/fs/nfs/exports proc entry is created at module init and persists for the module's lifetime. exportsprocopen captures the caller's current network...
Azure Linux 3.0 Security Update: kernel (CVE-2024-47709)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47709 advisory. - In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo-bcmprocread after...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992967)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992967 advisory. In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo-bcmprocread after removeprocentry. syzbot reported a warning in bcmrelease. 0...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993096)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993096 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix WARNING in ip6routenetexitlate During the initialization of ip6routenetinitlate, if fil...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990878)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990878 advisory. In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo-bcmprocread after removeprocentry. syzbot reported a warning in bcmrelease. 0...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-389429)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-389429 advisory. In the Linux kernel, the following vulnerability has been resolved: can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcmconnect...
CLSA-2025-1754037187 Fix of 7 CVEs
CVE-url: https://ubuntu.com/security/CVE-2021-47352 - virtio-net: Add validation for used length CVE-url: https://ubuntu.com/security/CVE-2024-46771 - can: bcm: Remove proc entry when dev is unregistered. Bionic update: upstream stable patchset 2023-01-20 LP: 2003596 // CVE- url:...
UBUNTU-CVE-2025-38400
In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfsfsprocnetinit fails. syzbot reported a warning below 1 following a fault injection in nfsfsprocnetinit. 0 When nfsfsprocnetinit fails, /proc/net/rpc/nfs is not removed. Later, rpcprocexit...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: nfsd: Do not ignore the return code of svcprocregister. Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the creation of the procfile fails, the kernel will issue a WARN when it attempts to remove the...
SUSE CVE-2022-49903
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix WARNING in ip6routenetexitlate During the initialization of ip6routenetinitlate, if file ipv6route or rt6stats fails to be created, the initialization is successful by default. Therefore, the ipv6route or rt6stats file...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a proc entry removal warning during network cleanup by the ipvs application, which could lead to a memory le...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a proc entry removal warning when ipvs cleans up a batch, which could lead to a memory leak...
AZL-68985 CVE-2025-22026 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...
SUSE CVE-2025-21999
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
UBUNTU-CVE-2025-21999
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in procgetinode Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde-procops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered...
Linux Distros Unpatched Vulnerability : CVE-2024-46771
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: bcm: Remove proc entry when dev is unregistered. syzkaller reported a warning in bcmconnect below. 0 The repro calls connect to vxcan1, removes vxcan1, and...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: The can: bcm module has been updated to remove the proc entry when the device is not registered. Syzkaller reported a warning in the bcmconnect function below. 0 The repro code calls connect on vxcan1, removes vxcan1, and then...