EUVD-2026-34129

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: fixed a potential out-of-bounds write in lan743xptpioeventclockget. Before calling lan743xptpioeventclockget, the ‘channel’ value is checked against the maximum value of PCI11X1XPTPIOMAXCHANNELS8. This seems correct...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: afs: Increase the buffer size in afsupdatevolumestatus. The maximum length of the volume-vid value is 20 characters. Therefore, increase the size of idbuf to 24 characters to avoid overflow. Identified by the Linux Verification...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: A potential buffer overflow issue has been fixed in nisetmcspecialregisters. The last case label can write two buffers, mcregaddressj and mcdataj, where the offset of ‘j’ equals SMCNISLANDSMCREGISTERARRAYSIZE. Since...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmsmac: Added a gain range check to wlcPhyiqcalgainparamsnphy. In wlcPhyiqcalgainparamsnphy, add a gain range check to WARN, instead of potentially unsafe access to the tbliqcalgainparamsnphy array. This issue has only be...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT – Avoid u32 multiplication overflow. In the function lpitupdateresidency, there is a possibility of overflow during multiplication, if tsckhz is large enough UINTMAX/1000. The multiplication operation should be replace...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bnxten: Adjusted the logging of firmware messages in case the token is released in hwrmsend. If the token is released because token-state equals BNXTHWRMDEFERRED, the released token set to NULL is used in log messages. This issue...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: topology: fix possible overflow in amufiesetup cpufreqgethwmaxfreq returns max frequency in kHz as unsigned int, while freqinvsetmaxratio gets passed this frequency in Hz as 'u64'. Multiplying max frequency by 1000 can...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: kirin: Fix for buffer overflow in kirinpcieparseport Within kirinpcieparseport, the value of pcie-numslots is compared to pcie-gpioidreset size MAXPCISLOTS, which is incorrect and could lead to a buffer overflow. Therefore,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm – Fix pointer arithmetic In spu2dumpomd, the value of ptr is increased by ciphkeylen, instead of hashivlen. This could lead to exceeding the buffer boundaries. This bug can be fixed by changing ciphkeylen to hashivlen...

CVE-2025-68820 ext4: xattr: fix null pointer deref in ext4_raw_inode()

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4rawinode If ext4getinodeloc fails e.g. if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattrinodedecrefall lacks error checking, this will lead to a null pointer...

PT-2026-2514

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's SCSI target functionality. Specifically, if memory allocation for cmd-t task cdb fails, the pointer remains NULL and is subsequently dereferenced,...

CVE-2023-53705

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6findtlv optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Verification Center...

PT-2025-41105

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the bnxt driver, specifically in the bnxt get nvram directory function. An arithmetic expression’s value is susceptible to overflow because operan...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986729)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986729 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in atahostallocpinfo In an unlikely and probably wrong?...

EUVD-2025-13026

Malicious code in bioql PyPI...

EUVD-2025-13985

Malicious code in bioql PyPI...

EUVD-2025-19785

Malicious code in bioql PyPI...

EUVD-2025-14148

Malicious code in bioql PyPI...

PT-2025-38545

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where a NULL pointer dereference can occur during UTF16 conversion within the CIFS implementation. Specifically, a NULL pointer can be passed to the cifs...