Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG from skbchecksumhelp I have a syzbot report that managed to get a crash in skbchecksumhelp If syzbot can trigger these BUG, it makes sense to replace them with more friendly WARNONONCE since skbchecksumhelp ca...

EUVD-2025-6212

Malicious code in bioql PyPI...

EUVD-2022-54732

Malicious code in bioql PyPI...

SUSE CVE-2025-38357

In the Linux kernel, the following vulnerability has been resolved: fuse: fix runtime warning on truncatefoliobatchexceptionals The WARNONONCE is introduced on truncatefoliobatchexceptionals to capture whether the filesystem has removed all DAX entries or not. And the fix has been applied on the...

CVE-2021-4454

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939sessiondeactivate The conclusion "j1939sessiondeactivate should be called with a session ref-count of at least 2" is incorrect. In some concurrent scenarios, j1939sessiondeactivate can be...

CVE-2025-21833

CVE-2025-21833 : In the Linux kernel, the vulnerability affects iommu/vt-d logic where a NULL pointer could be dereferenced after a WARN_ON_ONCE if domain_remove_dev_pasid cannot find the pasid. The issue has been resolved in the kernel code path that avoids using a NULL pointer post-WARN_ON_ONCE...

CVE-2022-49497 net: remove two BUG() from skb_checksum_help()

In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG from skbchecksumhelp I have a syzbot report that managed to get a crash in skbchecksumhelp If syzbot can trigger these BUG, it makes sense to replace them with more friendly WARNONONCE since skbchecksumhelp ca...

CVE-2022-49325 tcp: add accessors to read/set tp->snd_cwnd

In the Linux kernel, the following vulnerability has been resolved: tcp: add accessors to read/set tp-sndcwnd We had various bugs over the years with code breaking the assumption that tp-sndcwnd is greater than zero. Lately, syzbot reported the WARNONONCE!tp-priorcwnd added in commit 8b8a321ff72c...

CVE-2024-57951

CVE-2024-57951 affects the Linux kernel and describes a race/state handling issue in hrtimers during CPU hotplug/unplug cycles. The vulnerability arises when a CPU transitions from ONLINE toward HOTUNPLUG and back, causing hrtimers_prepare_cpu() not to run and leaving cpu_base.hres_active at 1. A...

CVE-2024-50287

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: prevent the risk of a division by zero As reported by Coverity, the logic at tpgprecalculateline blindly rescales the buffer even when scaledwitdh is equal to zero. If this ever happens, this will cause a divisio...

CVE-2024-49880

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in allocflexgd Wesley reported an issue: ================================================================== EXT4-fs dm-5: resizing filesystem from 7168 to 786432 blocks ------------ cut here -----------...

CVE-2024-49880 ext4: fix off by one issue in alloc_flex_gd()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in allocflexgd Wesley reported an issue: ================================================================== EXT4-fs dm-5: resizing filesystem from 7168 to 786432 blocks ------------ cut here -----------...

CVE-2024-49880

The CVE-2024-49880 entry concerns an off-by-one in ext4 resizing logic (alloc_flex_gd) leading to a kernel BUG in resize operations (resize2fs) when resizing a filesystem. The vulnerability is addressed by a patch that removes the problematic +1 (and adds a WARN_ON_ONCE) to ensure flex_gd->res...

CVE-2024-47734 bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()

In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...

CVE-2024-47734 bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()

In the Linux kernel, the following vulnerability has been resolved: bonding: Fix unnecessary warnings and logs from bondxdpgetxmitslave syzbot reported a WARNING in bondxdpgetxmitslave. To reproduce this1, one bond device bond1 has xdpdrv, which increases bpfmasterredirectenabledkey. Another bond...

CVE-2024-46681

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

DEBIAN-CVE-2024-46681

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

CVE-2024-46681

The CVE-2024-46681 entry affects the Linux kernel pktgen path: within pktgen_pg_net_init, the for_each_online_cpu loop was executed without holding a cpus_read_lock, risking a race that could trigger WARN_ON(smp_processor_id() != cpu) and flood logs. The fix introduces cpus_read_lock()/cpus_read_...

CVE-2024-46681 pktgen: use cpus_read_lock() in pg_net_init()

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

CVE-2024-43820 dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume

In the Linux kernel, the following vulnerability has been resolved: dm-raid: Fix WARNONONCE check for syncthread in raidresume rm-raid devices will occasionally trigger the following warning when being resumed after a table load because DMRECOVERYRUNNING is set: WARNING: CPU: 7 PID: 5660 at...