Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: / Only IRQs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid / if 1 options1 & 0xdcfc However, it-optionsi is an...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: media: gspca: cpia1: shift-out-of-bounds in setflicker Syzkaller reported the following issue: UBSAN: Shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27; shift exponent 245 is too large for a 32-bit type ‘int’. Whe...

CVE-2026-43141

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddownpowoftwo will cause undefined behaviour and should not be performed. This...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: aioiiro16: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: if 1 options1 & 0xdcfc However, it-optionsi is an unchecked int value from userspace, so the shift amount could ...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed the UBSAN shift-out-of-bounds warning If getnumsdmaqueues or getnumxgmisdmaqueues is 0, we perform a shift operation where the number of bits shifted equals the number of bits in the operand. This behavior is...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & board-irqbits However, it-optionsi is an unchecked int value from userspace, so the shift amount...

CLSA-2026-1773043650 kernel: Fix of 10 CVEs

ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer CVE-2023-53395 - net: ppp: Add bound checking for skb data on pppsynctxmung CVE-2025-37749 - ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS CVE-2022-50315 - ext2: Check block size validity during mount CVE-2023-53569 - gfs2: Fix possible data races...

CLSA-2026-1768895798 kernel: Fix of 7 CVEs

fs/proc: fix uaf in procreaddirde CVE-2025-40271 - fs: fix UAF/GPF bug in nilfsmdtdestroy CVE-2022-2978 - Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 - net: sched: sfb: fix null pointer access issue when sfbinit fails CVE-2022-50356 - ALSA: usb-audio: Fix size...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002689 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact ...

EUVD-2022-55799

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Avoid UBSAN error on truesectorsperclst syzbot reported UBSAN error as below: 76.901829 T6677 ================================================================================ 76.903908 T6677 UBSAN: shift-out-of-bounds i...

kernel security update

3.10.0-1160.119.1.0.14 - HID: core: fix shift-out-of-bounds in hidreportrawevent CVE-2022-48978 Orabug: 38644370 - crypto: seqiv - Handle EBUSY correctly CVE-2023-53373 Orabug: 38644370 - nfsd: don't ignore the return code of svcprocregister CVE-2025-22026 Orabug: 38644370 - netsched: hfsc: Fix a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989769)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989769 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where...

CVE-2025-40020

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN FD interfaces supported by this driver. mkl: update subject, apply...

CVE-2025-40020

CVE-2025-40020 affects the Linux kernel’s CAN/Peak USB driver. The flaw arises from using a 64‑bit constant for a shift operation where the shift width is 32 bits (PC CAN FD interfaces), causing a shift‑out‑of‑bounds condition in can: peak_usb. The description states this was resolved via a fix i...

UBUNTU-CVE-2023-53703

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... 6.120512 UBSAN: shift-out-of-bounds in...

CVE-2023-53703

CVE-2023-53703 (Linux kernel) : The issue arises in the HID/amd_sfh code where shifting values in the exp/shift calculation can exceed the 32-bit range, triggering UBSAN shift-out-of-bounds. The described impact is a UBSAN shift-out-of-bounds error in amd_sfh_desc.c (line 149) during the AMD SFH ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987625)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987625 advisory. In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received,...

CLSA-2025-1759866837 kernel: Fix of 44 CVEs

mm: zswap: fix missing folio cleanup in writeback race path CVE-2024-26832 - mm: fix zswap writeback race condition CVE-2023-53178 - dm array: fix releasing a faulty array block twice in dmarraycursorend CVE-2024-57929 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - gpio:...

EUVD-2025-26112

Malicious code in bioql PyPI...

UBUNTU-CVE-2021-4460

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If getnumsdmaqueues or getnumxgmisdmaqueues is 0, we end up doing a shift operation where the number of bits shifted equals number of bits in the operand. This behaviour is...