44 matches found
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: media: gspca: cpia1: shift-out-of-bounds in setflicker Syzkaller reported the following issue: UBSAN: Shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27; shift exponent 245 is too large for a 32-bit type ‘int’. Whe...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed UBSAN shift-out-of-bounds warnings If getnumsdmaqueues or getnumxgmisdmaqueues is 0, we perform a shift operation where the number of bits shifted equals the number of bits in the operand. This behavior is...
CVE-2026-43141
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...
CLSA-2026-1773043650 kernel: Fix of 10 CVEs
ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer CVE-2023-53395 - net: ppp: Add bound checking for skb data on pppsynctxmung CVE-2025-37749 - ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS CVE-2022-50315 - ext2: Check block size validity during mount CVE-2023-53569 - gfs2: Fix possible data races...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: / Only IRQs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid / if 1 options1 & 0xdcfc However, it-optionsi is an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: aioiiro16: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & 0xdcfc However, it-optionsi is an unchecked int value from the user space, so the shift amount...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & board-irqbits However, it-optionsi is an unchecked int value from userspace, so the shift amount...
CLSA-2026-1768895798 kernel: Fix of 7 CVEs
fs/proc: fix uaf in procreaddirde CVE-2025-40271 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-2978 - Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 - ALSA: usb-audio: Fix size...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002689)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002689 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact ...
EUVD-2022-55799
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN error on truesectorsperclst syzbot reported UBSAN error as below: 76.901829 T6677 ================================================================================ 76.903908 T6677 UBSAN: shift-out-of-bounds i...
kernel security update
3.10.0-1160.119.1.0.14 - HID: core: fix shift-out-of-bounds in hidreportrawevent CVE-2022-48978 Orabug: 38644370 - crypto: seqiv - Handle EBUSY correctly CVE-2023-53373 Orabug: 38644370 - nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 Orabug: 38644370 - netsched: hfsc: Fix a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989769)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989769 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where...
CVE-2025-40020
In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN FD interfaces supported by this driver. mkl: update subject, apply...
CVE-2025-40020
CVE-2025-40020 affects the Linux kernel’s CAN/Peak USB driver. The flaw arises from using a 64‑bit constant for a shift operation where the shift width is 32 bits (PC CAN FD interfaces), causing a shift‑out‑of‑bounds condition in can: peak_usb. The description states this was resolved via a fix i...
UBUNTU-CVE-2023-53703
In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... 6.120512 UBSAN: shift-out-of-bounds in...
CVE-2023-53703
CVE-2023-53703 (Linux kernel) : The issue arises in the HID/amd_sfh code where shifting values in the exp/shift calculation can exceed the 32-bit range, triggering UBSAN shift-out-of-bounds. The described impact is a UBSAN shift-out-of-bounds error in amd_sfh_desc.c (line 149) during the AMD SFH ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987625)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987625 advisory. In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received,...
CLSA-2025-1759866837 kernel: Fix of 44 CVEs
mm: zswap: fix missing folio cleanup in writeback race path CVE-2024-26832 - mm: fix zswap writeback race condition CVE-2023-53178 - dm array: fix releasing a faulty array block twice in dmarraycursorend CVE-2024-57929 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - gpio:...
EUVD-2025-26112
Malicious code in bioql PyPI...
UBUNTU-CVE-2021-4460
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If getnumsdmaqueues or getnumxgmisdmaqueues is 0, we end up doing a shift operation where the number of bits shifted equals number of bits in the operand. This behaviour is...