Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: DM integrity: Error in the call to kmemcachedestroy in dmintegrityinit. Otherwise, the journaliocache will be leaked if dmregistertarget fails...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a memory leak in fib6rulesuppress The kernel causes a memory leak when a fib rule is present in IPv6 nftables firewall rules, and when a suppressprefix rule is present in the IPv6 routing rules used by certain tools...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘f2fs: block cache/dio write during f2fsenablecheckpoint’” This issue is resolved through commit 196c81fdd438f7ac429d5639090a9816abb9760a. The original patch might cause a deadlock; therefore, it should be reverted. Chang...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm/migrate: fixed the issue where the shmem xarray was updated during migration. A shmem folio can be either in the page cache or in the swap cache; it cannot be in both simultaneously. Specifically, once it is in the swap cache,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fixed the null-pointer dereference in pgtablecacheadd. kasprintf returns a pointer to dynamically allocated memory; this pointer may be NULL in case of failure. Ensure that the allocation was successful by checking th...

Astra Linux - уязвимость в squid

A issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, sensitive information about clients using the proxy may be exposed through an HTTPS request to an internal cache manager URL. This issue has been fixed in version 5.7...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021574)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021574 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: fix zswap writeback race condition The zswap writeback mechanism can cause a race condition...

Linux Distros Unpatched Vulnerability : CVE-2026-42923

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS recor...

PT-2026-42133

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions prior to 1.25.1 Description An issue exists where promiscuous RRSets Resource Record Sets that complement DNS replies in the authority section can be used to trick the system into caching unauthorized records. An...

Fedora 44 : kernel (2026-57965ac9f7)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-57965ac9f7 advisory. The 7.0.9-104/204 kernels contain a fix for a SKBFLSHAREDFRAG page-cache corruption vulnerability as well as some mitigations for PinTheft Tenable has...

Fedora 43 : kernel (2026-3f85a4eba7)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3f85a4eba7 advisory. The 7.0.9-104/204 kernels contain a fix for a SKBFLSHAREDFRAG page-cache corruption vulnerability as well as some mitigations for PinTheft Tenable has...

Linux Distros Unpatched Vulnerability : CVE-2025-54518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a...

PT-2026-42173

Name of the Vulnerable Software and Affected Versions Twig affected versions not specified Description The Compiler::string function fails to escape single quotes when generating PHP double-quoted string literals. In ModuleNode::compileConstructor, template names from a % use % tag are processed...

CVE-2026-42960

NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority section can be used to trick Unbound to cache such records. If an adversary is able to attach such...

CVE-2026-42923

NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the...

Fedora 44 : python-django6 (2026-de6e24ae07)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-de6e24ae07 advisory. - Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass - Fixes CVE-2026-35192: Session...

PT-2026-42130

Name of the Vulnerable Software and Affected Versions NLnet Labs Unbound versions prior to 1.25.1 Description A flaw in the DNSSEC validator occurs when the code path used to consult the negative cache for DS records ignores the limit on NSEC3 hash calculations. An attacker controlling a DNSSEC...

NLnet Labs Unbound 访问控制错误漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. In versions 1.16.2 to 1.25.0 of NLnet Labs Unbound, there is an access control vulnerability. This vulnerability stems from a phantom domain attack. It allows attackers to control phantoms and query the vulnerable...

Unbreakable Enterprise kernel security update

5.4.17-2136.355.3.3 - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391459 CVE-2026-46333 5.4.17-2136.355.3.2 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount Maurizio Lombardi Orabug: 39368774 CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free i...

NLnet Labs Unbound 安全漏洞

NLnet Labs Unbound is a high-performance DNS resolver open-sourced by NLnet Labs. Versions of NLnet Labs Unbound 1.25.0 and earlier contained security vulnerabilities. These vulnerabilities were caused by mixed records in the authoritative section, leading to cache poisoning. Attackers could...