Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device in versions prior to 6.1.0. The issue occurs when handling a “PVRDMAREGDSRHIGH” write from the guest, and it may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001988)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001988 advisory. The recalculateapicmap function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service ho...

EUVD-2025-200031

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

EUVD-2025-200032

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

PT-2025-48480

Name of the Vulnerable Software and Affected Versions Socomec DIRIS Digiware M-70 version 1.6.9 Description A denial of service condition can occur due to specially crafted network requests targeting the Modbus TCP and Modbus RTU over TCP functionality. An attacker can trigger this by sending...

EUVD-2019-5354

Malware in sbrugna...

CVE-2023-53169 x86/resctrl: Clear staged_config[] before and after it is used

In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Clear stagedconfig before and after it is used As a temporary storage, stagedconfig in rdtdomain should be cleared before and after it is used. The stale value in stagedconfig could cause an MSR access error. Here is...

nvme-fabrics: use reserved tag for reg read/write command

...

CVE-2025-51060

An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters 0x9C402440 and 0x9C402444 as IoControlCodes to perform RDMSR and WRMSR, respectively. Through this process, the attacker can modify MSRLSTAR and hook KiSystemCall64. Afterward,...

CVE-2019-14100

Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX5...

DEBIAN-CVE-2025-37870

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: prevent hang on link training fail Why When link training fails, the phy clock will be disabled. However, in enablestreams, it is assumed that link training succeeded and the mux selects the phy clock, causing a...

DEBIAN-CVE-2023-53042

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

kernel: nvme-fabrics: use reserved tag for reg read/write command

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...

SUSE CVE-2024-41082

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: use reserved tag for reg read/write command In some scenarios, if too many commands are issued by nvme command in the same time by user tasks, this may exhaust all tags of adminq. If a reset nvme reset or IO timeout...

SUSE CVE-2021-47437

In the Linux kernel, the following vulnerability has been resolved: iio: adis16475: fix deadlock on frequency set With commit 39c024b51b560 "iio: adis16475: improve sync scale mode handling", two deadlocks were introduced: 1 The call to 'adiswritereg16' was not changed to it's unlocked version. 2...

kernel: drm/amd/display: Do not set DRR on pipe Commit

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

Rocky Linux 8 : kernel (RLSA-2022:6460)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:6460 advisory. - Incomplete cleanup of multi-core shared buffers for some IntelR Processors may allow an authenticated user to potentially enable information disclosur...

SUSE CVE-2012-2313

The rioioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call...

SUSE CVE-2021-3750

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions such as reset whi...

RHEL 8 : kernel (RHSA-2022:7279)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7279 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: a use-after-free in clsroute...