Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: kobjectuevent: Fixed issues related to OOB access within zapmodaliasenv. The zapmodaliasenv function incorrectly calculates the size of the memory block to be moved. This can lead to OOB out-of-band memory access issues if the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005086)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005086 advisory. In the Linux kernel, the following vulnerability has been resolved: kobjectuevent: Fix OOB access within zapmodaliasenv zapmodaliasenv wrongly calculates size of...

AZL-78377 CVE-2023-54207 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

CVE-2023-54207 HID: uclogic: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

CVE-2023-54207 HID: uclogic: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

USB: gadget: Fix use-after-free Read in usb_udc_uevent()

...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986977)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986977 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc-dev.driver The syzbot fuzzer found a...

CVE-2025-34251 Tesla Telematics Control Unit (TCU) < v2025.14 Authentication Bypass

Tesla Telematics Control Unit TCU firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge adbd as root and, despite a “lockdown” check that disables adb shell, still permits adb push/pull and adb forward. Because adbd is privileged and the...

CVE-2025-34251

Tesla Telematics Control Unit TCU firmware prior to v2025.14 contains an authentication bypass vulnerability. The TCU runs the Android Debug Bridge adbd as root and, despite a “lockdown” check that disables adb shell, still permits adb push/pull and adb forward. Because adbd is privileged and the...

PT-2025-40953

Name of the Vulnerable Software and Affected Versions Tesla Telematics Control Unit TCU firmware versions prior to 2025.14 Description The Tesla Telematics Control Unit TCU firmware is susceptible to an authentication bypass. The TCU operates the Android Debug Bridge adbd with root privileges...

EUVD-2023-59831

Malicious code in bioql PyPI...

EUVD-2022-55260

Malicious code in bioql PyPI...

CVE-2023-53454 HID: multitouch: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free...

CVE-2023-53253

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Reference hiddevice devm allocation of inputdev name Use hiddevice for devm allocation of the inputdev name to avoid a use-after-free. inputunregisterdevice would trigger devres cleanup of all resources...

CVE-2023-53253 HID: nvidia-shield: Reference hid_device devm allocation of input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: nvidia-shield: Reference hiddevice devm allocation of inputdev name Use hiddevice for devm allocation of the inputdev name to avoid a use-after-free. inputunregisterdevice would trigger devres cleanup of all resources...

Linux Distros Unpatched Vulnerability : CVE-2025-37800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - driver core: fix potential NULL pointer dereference in devuevent If userspace reads uevent device attribute at the same time as another threads unbinds the devi...

CVE-2022-49980

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usbudcuevent The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug:...

SUSE CVE-2022-49980

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usbudcuevent The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug:...

UBUNTU-CVE-2022-49980

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free Read in usbudcuevent The syzbot fuzzer found a race between uevent callbacks and gadget driver unregistration that can cause a use-after-free bug:...

PT-2025-25797

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue has been identified in the Linux kernel, specifically in the RDMA/core component. The problem arises when the function ib device rename renames a device name with...