Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fixed PM usagecount for console handover When the console is enabled, univ8250consolesetup calls serial8250consolesetup before .dev is set to uartport. As a result, pmruntimegetsync will not be called. Later, when t...

EUVD-2026-27739

In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6pciprobe were jumping directly to outipu6busdeldevices without releasing the runtime PM reference. Add pmruntimeputsync before cleaning up other...

Linux Distros Unpatched Vulnerability : CVE-2026-31547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe: Fix missing runtime PM reference in ccsmodestore ccsmodestore calls xegtreset which internally invokes xepmruntimegetnoresume. That function requires th...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27003)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27003 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walki...

EUVD-2025-150366

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec: Direct firmware load for qcom/vpu/vpu33p4.mbn failed with error -2 qcom-iris aa00000.video-codec:...

SUSE CVE-2022-50491

In the Linux kernel, the following vulnerability has been resolved: coresight: cti: Fix hang in ctidisablehw ctienablehw and ctidisablehw are called from an atomic context so shouldn't use runtime PM because it can result in a sleep when communicating with firmware. Since commit 3c6656337852...

CVE-2025-38631

In the Linux kernel, the following vulnerability has been resolved: clk: imx95-blk-ctl: Fix synchronous abort When enabling runtime PM for clock suppliers that also belong to a power domain, the following crash is thrown: error: synchronous external abort: 0000000096000010 1 PREEMPT SMP Workqueue...

CVE-2025-38668

CVE-2025-38668: In the Linux kernel regulator core, a NULL pointer dereference can occur on unbind if coupling data is stale because coupling_desc.n_coupled is not reset after freeing coupled_rdevs. This can affect runtime PM and other regulator operations that rely on coupling metadata, potentia...

CVE-2025-38631

In the Linux kernel, the following vulnerability has been resolved: clk: imx95-blk-ctl: Fix synchronous abort When enabling runtime PM for clock suppliers that also belong to a power domain, the following crash is thrown: error: synchronous external abort: 0000000096000010 1 PREEMPT SMP Workqueue...

PT-2026-5993

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.7+ 116 Description The Linux kernel contains a flaw related to power management in the Qualcomm USB2 PHY driver qcom-qusb2. Enabling runtime power management before the QPHY instance is attached as driver da...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing external runtime PM protection warning in the drm/xe driver...

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a broadcast vulnerability in the runtime management module. Successful exploitation of...

com.github.cchacin:cucumber-common-steps (>=0.0.2 <=0.1.8), com.github.httpmock:mock-http-server-junit (>=1.0.0 <=1.1.5) +217 more potentially affected by CVE-2020-1954 via org.apache.cxf:cxf-rt-management (>=2.0.10 <=3.2.12)

org.apache.cxf:cxf-rt-management MAVEN version =2.0.10, =0.0.2, =1.0.0, =1.0.0, =0.1.0, =2.0.0, =0.1.0, =1.0.0, =2.2.24.11, =2.2.10, =2.2.7, =2.2.9.1, =2.2.7, =2.2.7, =2.2.23.1 and more Source cves: CVE-2020-1954 Source advisory: OSV:GHSA-FFM7-7R8G-77XM...

GitLab CE/EE Cross-Site Request Forgery Vulnerability

GitLab is an open source application developed using Ruby on Rails that implements a self-hosted Git project repository that can be accessed through a web interface for public and private projects.GitLab EE is the GitLab Enterprise Edition and GitLab CE is the GitLab Community Edition. A cross-si...