PT-2026-47704

A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP LE CoC SDU reassembly. When the application enables segmentation via chan ops.alloc buf and the chosen RX pool has a user data size smaller than 2 bytes, the segmentation counter stored ...

EulerOS Virtualization 2.12.0 : libpng (EulerOS-SA-2026-2104)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct...

CVE-2026-0052

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-46133

The CVE-2026-46133 issue affects Linux kernel’s Soft RoCE (RDMA/rxe) where an unauthenticated UDP packet with an unknown opcode could trigger an out-of-bounds read during ICRC/CRC processing due to missing validation of opcodes before length arithmetic. The advisory describes that entries in the ...

CVE-2025-70116

CVE-2025-70116 affects GPAC MP4Box. A NULL pointer dereference occurs when parsing certain truncated MP4 files with an unknown/invalid stsd entry, leading to missing descriptor fields (e.g., codec/mime/profile strings). gf_media_map_esd then calls strlen() on a NULL pointer, triggering a crash (A...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: preventing use-after-free by freeing the cfile later. In smb2compoundop, there is a potential use-after-free issue that may lead to difficult debugging problems in the future. This issue was identified during stress testing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: zloop: fixed the KASAN use-after-free of tagset When a zoned loop device, or zloop device, is removed, the KASAN-enabled kernel reports “BUG KASAN use-after-free” in the blkmqfreetagset function. This bug occurs because...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/mm, kexec, ima: Use memblockfreelate instead of imafreekexecbuffer. The code that calls imafreekexecbuffer is executed long after the memblock allocator has already been removed. This may lead to a use-after-free in...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: mtu3: fix listhead check warning This issue is caused by the uninitialization of listhead. Bug: KASAN: use-after-free in listdelentryvalid+0x34/0xe4. Call trace: dumpbacktrace+0x0/0x298 showstack+0x24/0x34...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use-after-free out of bounds. When we run syzkaller, we encounter an Out of Bounds error. The specific error message is: “KASAN: slab-out-of-bounds Read in regcacheflatread”. The issue can be traced as...

Astra Linux - уязвимость в freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the sdlPointerNew function freed memory upon failure. However, after that function called pointerfree, it would call sdlPointerFree to free the memory again, triggering a Universal Address Fault UAF in ASan...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fixed an issue where stack out-of-bounds reading occurred when fragmenting IPv4 packets. When running openvswitch on kernels built with KASAN, it is possible to observe the following error during the testing of IPv4...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: - dm raid: fixed the KASAN warning in raid5adddisks. There is a KASAN warning in raid5adddisk when running the LVM testsuite. This warning occurs in the test lvconvert-raid-reshape-lineartoraid6-single-type.sh. We fixed this...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fixed a stack-out-of-bounds issue in strncpy “BUG: KASAN: Stack-out-of-bounds in strncpy+0x30/0x68” The Linux-ATF interface uses 16 bytes of SMC payload. If the clock name is longer than 15 bytes, the string...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fixed an out-of-bounds read in cifssanitizeprepath. When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., /, the current logic attempts to check cursor2 - 1 before...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netconsole: Avoid out-of-band OOB reads; the message is not terminated with nul. The message passed to netconsole from the console subsystem is not guaranteed to be terminated with nul. Before the recent commit 7eab73b18630...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fixed a false positive caused by MTE Memory Tagging Extension in dokrealloc. This patch addresses an issue introduced by commit 1a83a716ec233, which causes MTE to falsely report a slab-out-of-bounds error. The probl...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: fixed a slab-use-after-free in fscachewithdrawvolume We encountered the following issue during our fault injection stress test: ================================================================== BUG: KASAN:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate sufficient space for GMU registers In commit 142639a52a01 “drm/msm/a6xx: fix crashstate capture for A650”, we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we did not change the...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fixed invalid address access in lookuprec when the index is 0. KASAN reported the following issue: BUG: KASAN: use-after-free in lookuprec A read of size 8 at address ffff000199270ff0 was performed by the task modprobe...