Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Softwarenodegetreferenceargs: A OOB check was corrected. Softwarenodegetreferenceargs attempts to retrieve the @index-th element. The property value requires at least ‘index + 1 sizeofref’ bytes, but this condition cannot be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix the double-free of fwnode in i2cunregisterdevice Before committing the change df6d7277e552 “i2c: core: Do not dereference fwnode in struct device”, i2cunregisterdevice only called fwnodehandleput on ofnode-s by...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005678 advisory. In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in softwarenodegetreferenceargs softwarenodegetreferenceargs...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005463)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005463 advisory. In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in softwarenodegetreferenceargs softwarenodegetreferenceargs...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38342)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38342 advisory. - In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in...

CLSA-2026-1768663754 kernel: Fix of 38 CVEs

ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3 CVE-2025-38249 - drm/i915/gt: Fix timeline left held on VMA alloc error CVE-2025-38389 - md/raid1: Fix stack memory use after return in raid1reshape CVE-2025-38445 - atm: clip: Fix infinite recursive call of clippush...

EUVD-2025-20904

Malicious code in bioql PyPI...

EUVD-2025-26787

Malicious code in bioql PyPI...

SUSE CVE-2025-38682

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2cunregisterdevice Before commit df6d7277e552 "i2c: core: Do not dereference fwnode in struct device", i2cunregisterdevice only called fwnodehandleput on ofnode-s in the form of calling...

CVE-2025-38682

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2cunregisterdevice Before commit df6d7277e552 "i2c: core: Do not dereference fwnode in struct device", i2cunregisterdevice only called fwnodehandleput on ofnode-s in the form of calling...

UBUNTU-CVE-2025-38682

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2cunregisterdevice Before commit df6d7277e552 "i2c: core: Do not dereference fwnode in struct device", i2cunregisterdevice only called fwnodehandleput on ofnode-s in the form of calling...

CVE-2025-38682 i2c: core: Fix double-free of fwnode in i2c_unregister_device()

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2cunregisterdevice Before commit df6d7277e552 "i2c: core: Do not dereference fwnode in struct device", i2cunregisterdevice only called fwnodehandleput on ofnode-s in the form of calling...

CVE-2025-38682 i2c: core: Fix double-free of fwnode in i2c_unregister_device()

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fix double-free of fwnode in i2cunregisterdevice Before commit df6d7277e552 "i2c: core: Do not dereference fwnode in struct device", i2cunregisterdevice only called fwnodehandleput on ofnode-s in the form of calling...

CVE-2025-38682

The CVE-2025-38682 entry details a Linux kernel vulnerability in i2c core: i2c_unregister_device() could double-free a fwnode when the i2c_client has a software-node as its primary fwnode. The root cause was unconditional fwnode_handle_put() on the i2c_client, which, if a software fwnode is prima...

PT-2025-35955

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A double-free vulnerability exists in the i2c core, specifically within the i2c unregister device function. This issue occurs when an i2c client has a software fwnode as its primary...

UBUNTU-CVE-2025-38573

In the Linux kernel, the following vulnerability has been resolved: spi: cs42l43: Property entry should be a null-terminated array The software node does not specify a count of property entries, so the array must be null-terminated. When unterminated, this can lead to a fault in the downstream...

Linux Distros Unpatched Vulnerability : CVE-2025-38342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - software node: Correct a OOB check in softwarenodegetreferenceargs softwarenodegetreferenceargs wants to get @index-th element, so the property value requires a...

software node: Correct a OOB check in software_node_get_reference_args()

...

SUSE CVE-2025-38342

In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in softwarenodegetreferenceargs softwarenodegetreferenceargs wants to get @index-th element, so the property value requires at least 'index + 1 sizeofref' bytes but that can not be guaranteed by...

CVE-2025-38342

In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in softwarenodegetreferenceargs softwarenodegetreferenceargs wants to get @index-th element, so the property value requires at least 'index + 1 sizeofref' bytes but that can not be guaranteed by...