PT-2025-25872 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the clk: bcm: rpi component. The issue arises from a while loop in the raspberrypi discover clocks function that...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4, the VPU firmware always crashes when the xHCI power-domain is resumed: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finishe...

USN-7550-6: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Sun RPC protocol; CVE-2024-56608, CVE-2024-53168, CVE-2024-56551...

USN-7539-1 linux-raspi vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2024-23848 Attila Szász discovered that the HFS+ file system...

PT-2025-30864

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to the mt76/mt7925 driver. Specifically, a NULL pointer dereference can occur in the mt7925 sta set decap offload function when the...

CVE-2021-38759

Raspberry Pi OS through 5.10 has the raspberry default password for the pi account. If not changed, attackers can gain administrator privileges...

CVE-2021-38545

Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...

CVE-2020-24572

An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured and virtually unrestricted web console to attack the underlying OS Raspberry Pi running this software, and execute commands on the system including ones for uploading o...

Energy Consumption Framework and Analysis of Post-Quantum Key-Generation on Embedded Devices

The emergence of quantum computing and Shor's algorithm necessitates an imminent shift from current public key cryptography techniques to post-quantum robust techniques. NIST has responded by standardising Post-Quantum Cryptography PQC algorithms, with ML-KEM FIPS-203 slated to replace ECDH...

USN-7523-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

USN-7493-1: Linux kernel (Raspberry Pi) vulnerabilities

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Clock framework and drivers; CVE-2024-58081...

USN-7489-1: Linux kernel vulnerability

One security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Timer subsystem; CVE-2025-21813...

Machine Learning for Cyber-Attack Identification from Traffic Flows

This paper presents our simulation of cyber-attacks and detection strategies on the traffic control system in Daytona Beach, FL. using Raspberry Pi virtual machines and the OPNSense firewall, along with traffic dynamics from SUMO and exploitation via the Metasploit framework. We try to answer the...

AESHA3: Efficient and Secure Sub-Key Generation for AES Using SHA-3

Advanced Encryption Standard AES is one of the most widely used symmetric cipher for the confidentiality of data. Also it is used for other security services, viz. integrity, authentication and key establishment. However, recently, authors have shown some weakness in the generation of sub-keys in...

Fast Plaintext-Ciphertext Matrix Multiplication from Additively Homomorphic Encryption

Plaintext-ciphertext matrix multiplication PC-MM is an indispensable tool in privacy-preserving computations such as secure machine learning and encrypted signal processing. While there are many established algorithms for plaintext-plaintext matrix multiplication, efficiently computing...

SUSE CVE-2025-22011

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4 the VPU firmware always crashes on xHCI power-domain resume: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finished 70.727730...

DEBIAN-CVE-2025-22011

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4 the VPU firmware always crashes on xHCI power-domain resume: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finished 70.727730...

CVE-2025-22011

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4 the VPU firmware always crashes on xHCI power-domain resume: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finished 70.727730...

UBUNTU-CVE-2025-22011

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4 the VPU firmware always crashes on xHCI power-domain resume: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finished 70.727730...

CVE-2025-22011 ARM: dts: bcm2711: Fix xHCI power-domain

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4 the VPU firmware always crashes on xHCI power-domain resume: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finished 70.727730...