Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempoolfree There is a crash in mempoolfree when running the lvm test using shell/lvchange-rebuild-raid.sh. The reason for the crash is as follows: - superwritten calls atomicdecandtest&mddev-pendingwrites and...

CVE-2023-54087

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...

CVE-2023-54087 ubi: Fix possible null-ptr-deref in ubi_free_volume()

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989751 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl Hulk Robot reported a KASAN report...

EUVD-2021-19898

Malware in sbrugna...

DEBIAN-CVE-2022-50211

In the Linux kernel, the following vulnerability has been resolved: md-raid10: fix KASAN warning There's a KASAN warning in raid10removedisk when running the lvm test lvconvert-raid-reshape.sh. We fix this warning by verifying that the value "number" is valid. BUG: KASAN: slab-out-of-bounds in...

CVE-2023-52982

CVE-2023-52982 affects the Linux kernel fscache path for relinquished volumes. The root cause is a mismatch between wake_up_bit() and wait_var_event() on different wait-queues, which could prevent a waiter from waking and cause a hang if wake-ups are delayed. The fixes described in the sources sw...

CVE-2022-48916

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...

UBUNTU-CVE-2022-48916

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...

CVE-2022-48916 iommu/vt-d: Fix double list_add when enabling VMD in scalable mode

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...

CVE-2022-48916 iommu/vt-d: Fix double list_add when enabling VMD in scalable mode

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double listadd when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel panic call trace/kernel log is shown in Eagle Stream platform Sapphire Rapids CPU during booting: p...

Ubuntu 16.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6926-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6926-3 advisory. discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions,...

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6922-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6922-2 advisory. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A...

USN-6922-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. CVE-2024-24857, CVE-2024-24858, CVE-2024-24859 Chenyuan Yang discovered...

kernel: dm: call the resume method on internal suspend

A flaw was found in the Linux kernel’s device-mapper dm component. The issue arises during internal suspend operations where the resume method is not correctly called. This issue leads to problems such as list corruption, specifically observed when running the lvm2 test suite. The problem occurs...

USN-6896-3 linux-oracle, linux-xilinx-zynqmp vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

USN-6878-1 linux-oracle vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

CVE-2024-27317

In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a malicious file is uploaded, it could exploit a directory traversal vulnerability. This occurs when the filenames in th...

[SECURITY] Fedora 37 Update: plasma-pa-5.27.1-1.fc37

Plasma applet for audio volume management using PulseAudio...