Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: rpmpd: Check for a null return from devmkcalloc. Due to the potential failure of the allocation, data-domains might be a NULL pointer, and this could lead to the dereferencing of a NULL pointer later. Therefore, it mig...

UBUNTU-CVE-2022-50888

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5wcssinitmmio q6v5wcssinitmmio will call platformgetresourcebyname that may fail and return NULL. devmioremap will use res-start as input, which may causes null-ptr-deref...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986914)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986914 advisory. In the Linux kernel, the following vulnerability has been resolved: EDAC/qcom: Do not pass llccdrivdata as edacdevicectlinfo's pvtinfo The memory for llccdrivdata is...

EUVD-2023-59717

Malicious code in bioql PyPI...

CVE-2023-53465

In the Linux kernel, the following vulnerability has been resolved: soundwire: qcom: fix storing port config out-of-bounds The 'qcomswrmctrl-pconfig' has size of QCOMSDWMAXPORTS 14, however we index it starting from 1, not 0, to match real port numbers. This can lead to writing port config past...

UBUNTU-CVE-2022-50308

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Add checks for devmkcalloc As the devmkcalloc may return NULL, the return value needs to be checked to avoid NULL poineter dereference...

CVE-2025-39674 scsi: ufs: ufs-qcom: Fix ESI null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix ESI null pointer dereference ESI/MSI is a performance optimization feature that provides dedicated interrupts per MCQ hardware queue. This is optional feature and UFS MCQ should work with and without ESI...

CVE-2025-37979

CVE-2025-37979 affects the Linux kernel ASoC: qcom sc7280 LPASS driver. A commit introduces case values in the sc7280 lpass driver (e.g., RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params) that can trigger out-of-bounds accesses in driver data arrays. The issue is mitigated by redefining LPASS_MAX_PORTS ...

CVE-2023-53003

In the Linux kernel, the following vulnerability has been resolved: EDAC/qcom: Do not pass llccdrivdata as edacdevicectlinfo's pvtinfo The memory for llccdrivdata is allocated by the LLCC driver. But when it is passed as the private driver info to the EDAC core, it will get freed during the...

CVE-2023-53003

CVE-2023-53003 concerns a use-after-free in the Linux kernel’s EDAC/qcom path. The LLCC driver allocates llcc_driv_data, which was previously passed as private info to the EDAC core (edac_device_ctl_info). On driver release this data could be freed, and a subsequent probe would use the freed memo...

CVE-2024-56620 scsi: ufs: qcom: Only free platform MSIs when ESI is enabled

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

CVE-2023-22996

In the Linux kernel before 5.17.2, drivers/soc/qcom/qcomaoss.c does not release an offinddevicebynode reference after use, e.g., with putdevice...

DEBIAN-CVE-2023-22999

In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3qcomcreateursusbplatdev return value expects it to be NULL in the error case, whereas it is actually an error pointer...

PT-2022-34958 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.6 Description: The issue concerns a fix for writes in a read-only memory region in the cpufreq qcom driver. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

PT-2022-35462 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.152 Description: A memory leak issue exists in the error path of the cpufreq qcom driver. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...