Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bcache: Reverting the replacement of ISERRORNULL with ISERR The commit 028ddcac477b “bcache: Removing unnecessary NULL point checks in node allocations” causes a NULL pointer dereferencing in cachesetFlush. c if !ISERRORNULLc-roo...

Astra Linux - уязвимость в bind9

BIND 9.11.0 - 9.11.36 9.12.0 - 9.16.26 9.17.0 - 9.18.0 BIND supports the following preview editions: 9.11.4-S1 - 9.11.36-S1 9.16.8-S1 - 9.16.26-S1 Versions of BIND 9 that are earlier than those shown—going back to 9.1.0, including the supported preview editions—are also believed to be affected, b...

Astra Linux - уязвимость в firefox

Bypass of mitigation mechanisms in the Networking: Cache component. This vulnerability has been fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

Astra Linux - уязвимость в glibc

The Name Service Cache Daemon’s nscd netgroup cache uses xmalloc or xrealloc, and these functions may terminate the process due to a memory allocation failure, resulting in a denial of service for clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability ...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that was made for shmem 1, and it solves the same problem but for HugeTLBFS instead. Currently, when poison is found in a HugeTLB page, t...

Astra Linux - уязвимость в intel-microcode

Improper isolation in the IntelR CoreTM Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evicting cache lines during SNP memory validation A vulnerability related to SNP cache coherence requires a cache line eviction mitigation mechanism when validating memory after a page state changes to private. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Fixed an out-of-bounds memory read access in KUnit tests ctlcache. The KASAN reported an out-of-bounds access in the function csdspctlcacheinitmultipleoffsets. The code used mockcoefftemplate.lengthbytes 4 bytes...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fixed null-ptr-deref in r5lFlushStripeToRaid The r5lFlushStripeToRaid function will check whether the list ‘flushingios’ is empty. It will then submit ‘flushbio’. However, r5llogFlushEndio clears the list first, a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: cachestat: fixed the permission checking for page cache statistics. When the cachestat system call was added in commit cf264e1329fb “cachestat: implement cachestat syscall”, it was intended to be a much more convenient and...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 CVE...

linux-copy-fail-exploit

CVE-2026-31431 Copy Fail - LPE Exploit PoC !Pythonhttps:...

OESA-2026-2194 python-aiohttp security update

Async http client/server framework asyncio. Security Fixes: Insufficient restrictions in header/trailer handling could cause uncapped memory usage.CVE-2026-22815 An unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation.CVE-2026-34513 An attacker who...

OESA-2026-2193 python-aiohttp security update

Async http client/server framework asyncio. Security Fixes: Insufficient restrictions in header/trailer handling could cause uncapped memory usage.CVE-2026-22815 An unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation.CVE-2026-34513 An attacker who...

OESA-2026-2137 python-flask security update

Flask is a lightweight WSGI web application framework. It is designed to make getting started quick and easy, with the ability to scale up to complex applications. It began as a simple wrapper around Werkzeug and Jinja and has become one of the most popular Python web application frameworks...

OESA-2026-2136 python-flask security update

Flask is a lightweight WSGI web application framework. It is designed to make getting started quick and easy, with the ability to scale up to complex applications. It began as a simple wrapper around Werkzeug and Jinja and has become one of the most popular Python web application frameworks...

OESA-2026-2135 python-flask security update

Flask is a lightweight WSGI web application framework. It is designed to make getting started quick and easy, with the ability to scale up to complex applications. It began as a simple wrapper around Werkzeug and Jinja and has become one of the most popular Python web application frameworks...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

Copy Fail - CVE-2026-31431 This repository contains a small L...

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — Copy Fail Linux kernel local privilege esc...