PT-2025-53041

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the iommufd subsystem where the same hardware-assisted page table hwpt could be added to the ioas-hwpt list multiple times. This double addition...

ipmi: Rework user message limit handling

...

EUVD-2024-53371

Malicious code in bioql PyPI...

EUVD-2022-54524

Malicious code in bioql PyPI...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56724)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56724 advisory. - In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use IRQ domain f...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-56723)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56723 advisory. - In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use IRQ domain f...

CVE-2022-49711

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fslmcbusremove In fslmcbusremove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev is already freed in fslmcdeviceremove. Then reference to mc-rootmcbusdev-mc...

CVE-2022-49711

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fslmcbusremove In fslmcbusremove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev is already freed in fslmcdeviceremove. Then reference to mc-rootmcbusdev-mc...

CVE-2024-57894

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix sleeping function called from invalid context This reworks hcicblist to not use mutex hcicblistlock to avoid bugs like the bellow: BUG: sleeping function called from invalid context at...

CVE-2024-57902 af_packet: fix vlan_get_tci() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangettci vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangettci to not touch skb at all, so that it can be used from many cpus on the same skb. Add a const qualifier...

CVE-2024-57894

...

CVE-2024-56724

In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use IRQ domain for TMU device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has inherited flaws. This was unveiled when...

CVE-2024-56723

In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has inherited flaws. This was unveiled when...

CVE-2024-56723

In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has inherited flaws. This was unveiled when...

CVE-2024-56724

CVE-2024-56724 affects the Linux kernel MFD driver for Intel/PMIC (intel_soc_pmic_bxtwc). The connected docs confirm a concrete root cause: the driver previously treated TMU devices under a single IRQ domain, causing mismatched IRQ domains across MFD devices. The fix is to rework the driver to us...

CVE-2024-56724 mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device

In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use IRQ domain for TMU device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has inherited flaws. This was unveiled when...

CVE-2024-56724 mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device

In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use IRQ domain for TMU device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has inherited flaws. This was unveiled when...

CVE-2024-56723 mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices

In the Linux kernel, the following vulnerability has been resolved: mfd: intelsocpmicbxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has inherited flaws. This was unveiled when...

CVE-2024-56723

CVE-2024-56723 affects the Linux kernel driver for mfd/intel_soc_pmic_bxtwc. The vulnerability stems from not respecting IRQ domains when creating each MFD device, which can lead to incorrect IRQ handling and a WARN() on IRQ 0 (vIRQ) via platform_get_irq(). The Astra Linux security bulletin mirro...

CVE-2024-56691

CVE-2024-56691 affects the Linux kernel driver path for mfd: intel_soc_pmic_bxtwc. The vulnerability stems from the driver not respecting IRQ domains when creating each MFD device, exposing a faulty IRQ handling path (WARN on IRQ 0) due to using a vIRQ rather than proper IRQ domain numbering. The...