85 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: xtensa: Fixed the refcount leak issue in the time.c file. In calibrateccount, the offindcompatiblenode function will return a node pointer with the refcount incremented. We should use ofnodeput when this function is no longer...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: added input size checking in procwritesimdisk A malicious user could enter an arbitrarily bad value into memdupusernul, potentially causing a kernel crash. This follows the same pattern as the issue fixed in comm...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerabilities have been resolved: xtensa: xtfpga: Fixed a refcount leak bug in setup. In machinesetup, offindcompatiblenode will return a node pointer with the refcount incremented. We should use ofnodeput when it is no longer needed...
USN-8095-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...
USN-8029-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-8048-1)
The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8048-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
USN-8048-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...
USN-8048-1 linux-oem-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...
Ubuntu 25.10 : Linux kernel (GCP) vulnerabilities (USN-8030-1)
The remote Ubuntu 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8030-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the...
USN-8030-1 linux-gcp vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...
USN-8029-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...
CVE-2024-2214
In Eclipse ThreadX before version 6.4.0, the Mtxinit function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/txcliblock.c...
Constant Time Issue with Xtensa-based ESP32 and X22519
...
CVE-2025-12888
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...
Linux Distros Unpatched Vulnerability : CVE-2025-12888
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture...
DEBIAN-CVE-2025-12888
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...
CVE-2025-12888
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...
CVE-2025-12888
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...
UBUNTU-CVE-2025-12888
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...
CVE-2025-12888
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...