Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1’s MSRAMD64TSCRATIO has diverged from KVM’s...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT – Avoid u32 multiplication overflow. In the function lpitupdateresidency, there is a possibility of overflow during multiplication, if tsckhz is large enough UINTMAX/1000. The multiplication operation should be replace...

@redhat-cloud-services/frontend-components-config (>=6.0.0 <=6.11.2) potentially affected by unknown CVE via @redhat-cloud-services/tsc-transform-imports (=1.2.1)

@redhat-cloud-services/tsc-transform-imports NPM version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on @redhat-cloud-services/tsc-transform-imports and may be impacted: - @redhat-cloud-services/frontend-components-config =6.0.0, =6.11.2 Source...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc – fixed an off-by-one error in the wireorder validation. The current validation wireorderi ARRAYSIZEconfig pins allows wireorderi to equal ARRAYSIZEconfig pins, which causes out-of-bounds access when used as an...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Loads the TSC multiplier of L1 based on L1’s state, not L2’s state. When emulating a nested VM-Exit, the TSC multiplier of L1 is loaded if L1’s desired ratio does not match the current ratio. This does not occur if L1’...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86/hyperv: Fixed a NULL dereferencing in sethvtscchangecb if the Hyper-V setup fails. Checked for a valid hvvpindex array before dereferencing hvvpindex when setting Hyper-V’s TSC change callback. If Hyper-V setup fails in...

Input: ti_am335x_tsc - fix off-by-one error in wire_order validation

...

CVE-2025-68777

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002284)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002284 advisory. arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the...

CVE-2025-68777

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

AZL-74450 CVE-2025-68777 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

UBUNTU-CVE-2025-68777

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

CVE-2025-68777

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

CVE-2025-68777

CVE-2025-68777 in the Linux kernel affects the ti_am335x_tsc driver. The validation for wire_order uses the condition wire_order[i] &gt; ARRAY_SIZE(config_pins), which permits wire_order[i] to equal ARRAY_SIZE(config_pins) and can trigger an out-of-bounds access when indexing config_pins[wire_ord...

CVE-2025-68777 Input: ti_am335x_tsc - fix off-by-one error in wire_order validation

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

CVE-2025-68777 Input: ti_am335x_tsc - fix off-by-one error in wire_order validation

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

EUVD-2025-200178

Malicious code in @wxi-dev/serverless-tsc-config npm...

MAL-2025-191536 Malicious code in @wxi-dev/serverless-tsc-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2044be2f48924b1fbab5515839d24440bd12b3d7df98de95a6b0881665ab3f94 The package @wxi-dev/serverless-tsc-config was found to contain malicious code. Source: ghsa-malware...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988717 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Fix NULL deref in sethvtscchangecb if Hyper-V setup fails Check for a valid hvvpindex...

SUSE CVE-2023-53663

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN instead of asserting that TSC scaling is exposed to L1 if L1's MSRAMD64TSCRATIO has diverged from KVM's...