Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the incorrect setting of maxcorrreaderrors. There is no input validation when using the echo md/maxreaderrors command, and an overflow might occur. Add validation for the input number...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: usb: aqc111: Fixed error handling of usbnet read calls Syzkaller, with the help of syzbot, identified an error in the aqc111 driver. This error was caused by incomplete sanitization of the results of usbnet read calls. Th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...

Linux Distros Unpatched Vulnerability : CVE-2026-33598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

SUSE SLES12 Security Update : libssh (SUSE-SU-2026:1344-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1344-1 advisory. - CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler bsc1259377. - CVE-2026-0964: SCP protocol path travers...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005762)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005762 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of maxcorrreaderrors There is no input check when echo...

ROS-20260128-73-0024

A vulnerability in the hciinitstagesync function of the Linux operating system kernel is related to read errors outside buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005197 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfsfindentry Syzbot reported that a task hang occu...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38153)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38153 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of...

ROS-20260120-7364

A vulnerability in the ibftattrshownic driver function drivers/firmware/iscsiibft.c of the Linux kernel is related to read errors outside of buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-71136 media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It's possible for cpread and hdmiread to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return...

CVE-2025-71136

CVE-2025-71136 affects the Linux kernel’s media: adv7842 path. The vulnerability arises when cp_read() or hdmi_read() return -EIO and these values are used as indexes in arrays within adv7842_cp_log_status(), causing possible out-of-bounds accesses. The issue is resolved by adding checks on retur...

CVE-2022-23429

An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash...

SUSE CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-993270)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993270 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of maxcorrreaderrors There is no input check when echo...

EUVD-2023-60461

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

UBUNTU-CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

UBUNTU-CVE-2023-54266

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...