CLSA-2026-1779375889 kernel: Fix of 95 CVEs

perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: cpufreq: scpi: Fixed a nullptrderef in scpicpufreqgetrate. The cpufreqcpugetraw function may return NULL when the target CPU is not present in the policy-cpus mask. The scpicpufreqgetrate function does not check for this case,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Firmware: armscpi: Ensure that scpiinfo is not assigned if the probe fails. When the scpi probe fails at any point, we need to ensure that scpiinfo is not set and will remain NULL until the probe succeeds. If this issue is not...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Firmware: armscpi: Check the DVFS OPP count returned by the firmware. A kernel crash occurs with the following call trace when the SCPI firmware returns an OPP count of zero. dvfsinfo.oppcount may be zero on some platforms...

ROS-20260202-73-0034

A vulnerability in the scpi-cpufreq.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-15349

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

CVE-2025-15349

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

CVE-2025-15349

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

CVE-2025-15349

CVE-2025-15349 covers a race-condition vulnerability in the SCPI component of Anritsu ShockLine. The flaw arises from insufficient locking when operating on objects, allowing network-adjacent attackers to execute arbitrary code in the current process without authentication. Multiple sources confi...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004871)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004871 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails When scpi probe fails, at a...

MiracleLinux 9 : kernel-5.14.0-611.9.1.el9_7 (AXSA:2025-11506:95)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11506:95 advisory. kernel: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 kernel: sunrpc: fix client side handling of tls alerts...

MiracleLinux 8 : kernel-4.18.0-553.77.1.el8_10 (AXSA:2025-10931:75)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10931:75 advisory. kernel: nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 kernel: netsched: hfsc: Fix a UAF vulnerability in class handling...

CVE-2023-25366

In Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS, insecure SCPI interface discloses web password...

CVE-2023-25367

Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS allows unfiltered user input resulting in Remote Code Execution RCE with SCPI interface or web server...

CLSA-2026-1767864313 kernel: Fix of 46 CVEs

mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993020)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993020 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpicpufreqgetrate cpufreqcpugetraw can return NULL when the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993066)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993066 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails When scpi probe fails, at a...

(0Day) Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SCPI component. The issue results from the lack of proper locking when...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992695 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpicpufreqgetrate cpufreqcpugetraw can return NULL when the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992388)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992388 advisory. In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails When scpi probe fails, at a...