496 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: libceph: Replace BUG_ON with a bounds check for map->max_osd. OSD indexes come from untrusted network packets. Boundary checks are added to validate these against map->max_osd. idryomov: removed BUG_ON in ceph_get_primary_affinity, mino...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix for accessing freed irq affinity_hint. In stmmac_request_irq_multi_msi, a pointer to the stack variable cpu_mask is passed to irq_set_affinity_hint. This value is stored in irq_desc->affinity_hint, but once...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: The affinity hint was cleared before calling ath11k_pcic_free_irq in the error path. If a shared IRQ is used by the driver due to platform limitations, then the IRQ affinity hint is set correctly after the allocation o...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: Building affinity masks conditionally. We were trying to build the affinity mask using create_affinity_masks unconditionally, which could lead to several issues: - The affinity mask is not used for parent processes witho...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: irqchip/apple-aic: The refcount leak in build_fiq_affinity has been fixed. The of_find_node_by_phandle function returns a node pointer with a refcount incremented. We should use of_node_put on it when there is no longer a need for it. Ad...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fixed a cpumask memory leak in virtio_vdpa_find_vqs. Free the cpumask allocated by create_affinity_masks before returning from the function...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: enetc: An illegal access occurred when reading the affinity_hint parameter. The irq_set_affinity_hint function stores a reference to the cpumask_t parameter in the irq descriptor. This reference can be accessed later from...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: lib: cpu_rmap: Avoid use after free on entries in the rmap->obj array. When calling irq_set_affinity_notifier with NULL as the notify argument, it will cause the glue pointer in the corresponding array entry to be freed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Block layer: The feature of freezing the request queue from within sysfs store callbacks has been removed. Freezing the request queue may cause a deadlock when combined with the dm-multipath driver and the queue_if_no_path option...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: vduse: fixed NULL pointer dereference. The vduse_vdpa_set_vq_affinity callback can be called with a NULL value as the cpumask when deleting the vduse device. This patch resets virtqueue’s IRQ affinity mask value to set all CPUs inste...
Astra Linux – Vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinity on ASP chip. The ASP chip is a very old variant of the GSP chip and is used, for example, in HP 730 workstations. When attempting to reprogram the affinity setting, the system may crash, especiall...
CVE-2026-43402
In the Linux kernel, the following vulnerability has been resolved: kthread: consolidate kthread exit paths to prevent use-after-free. Guillaume reported crashes via corrupted RCU callback function pointers during KUnit testing. The crash was traced back to the pidfs rhashtable conversion which...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect cleanup of the affinity_node during kthread exit paths. This vulnerability may lead ...
Linux Distros Unpatched Vulnerability : CVE-2026-43402
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kthread: consolidate kthread exit paths to prevent use-after-free. Guillaume reported crashes via corrupted RCU callback function pointers during KUnit testing...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013163)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013163 advisory. In the Linux kernel, the following vulnerability has been resolved: lib: cpu_rmap: Avoid use after free on rmap->obj array entries. When calling irq_set_affinity_notifier...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013334)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013334 advisory. In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask. If ipi_send_mask|single is called with...
ROS-20260408-73-0010
A vulnerability in the find_hw_thread_mask function of the drivers/infiniband/hw/hfi1/affinity.c component of the Linux kernel is related to the lack of division by zero check. Exploitation of the vulnerability allows an intruder to affect confidentiality, integrity and availability of protected...
a-mailx (=0.1.0), a2a-acl (=0.0.15) +1340 more potentially affected by CVE-2026-34515 via aiohttp (>=0.13.1 <=3.13.3)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =72.0.0 and more Source cves: CVE-2026-34515 Source advisory: OSV:GHSA-P998-JP59-783M...
TP-Link, Canva, HikVision vulnerabilities
Cisco Talos' Vulnerability Discovery & Research team recently disclosed a vulnerability in HikVision, as well as 10 in TP-Link, and 19 in Canva. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco's third-party vulnerability...
CVE-2025-61979
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information...