Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of link->type in bpf_link_show_fdinfo(). If a newly added link type does not invoke BPF_LINK_TYPE(), accessing bpf_link_type_strs[link->type] may lead to an out-of-bounds access. To detect such missed invocations early on ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: jfs: Fixed an out-of-bounds issue in dbNextAG() and diAlloc(). In dbNextAG(), there was no check for the case where bmp->db_numag is greater than or equal to MAXAG due to a corrupted image, which could lead to an out-of-bounds...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fixed a kernel bug caused by the lack of clearing of the “checked” flag. Syzbot reported that in directory operations, after nilfs2 detects filesystem corruption and becomes read-only, __block_write_begin_int() may fail the BUGO...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Added a check for memory allocation. __alloc_pbl() can return an error when memory allocation fails. The driver does not check the status of memory allocation in some instances...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential overflow of PCM transfer buffer. The PCM stream data in the USB-audio driver is transferred via USB URB packet buffers, and the size of each packet is determined dynamically. The packet sizes are...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: negative file sizes are now rejected in squashfs_read_inode(). Syzkaller reports a “WARNING in ovl_copy_up_file” in overlayfs. This warning occurs because the underlying Squashfs file system returns a file with a negative...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in the solaris_zone module from the Ansible Community modules. When setting the name of a zone on the Solaris host, the zone name is checked by listing the process using the ‘ps’ command on the remote machine. An attacker could exploit this flaw by creating a fake zone name a...
Astra Linux – Vulnerability in Poppler
The JPXStream::init function in Poppler 0.78.0 and earlier does not check for negative values of stream length, which can lead to an Integer Overflow. This allows an attacker to allocate a large memory chunk on the heap, with the size controlled by them. This issue was demonstrated by pdftocairo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: (ftsteutates) Fixed the TOCTOU race condition in fts_read(). In the fts_read() function, when handling hwmon_pwm_auto_channels_temp, the code accesses the shared variable data->fan_source[channel] twice without holding any locks. This chec...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: checks dot and dotdot of dx_root before making dir indexed. Syzbot reports the following issue: ============================================ BUG: Unable to handle page fault for address: ffffed11022e24fe PGD 23ffee067 P4D...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cdrom: The check for last_media_change has been rearranged to avoid unintentional overflow. When running syzkaller with the newly reintroduced signed integer wrap sanitizer, we encounter this error: 366.015950 UBSAN:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check the pipe offset before setting vblank. The size of pipe_ctx is MAX_PIPES; therefore, its index must be checked before accessing the array. This fix addresses an OVERRUN issue reported by Coverity...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size. Functions like plpar_hcall(), plpar_hcall9(), and related functions expect callers to provide valid result buffers of a certain minimum size. Currently, this is only...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixing inode number range checks. The patch series “nilfs2: Fixing potential issues related to reserved inodes” addresses these issues. This series fixes a use-after-free issue reported by syzbot, which was caused by th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: SCTP: Avoid NULL dereferencing when the chunk data buffer is missing. The chunk->skb pointer is dereferenced in the if-block, where it is supposed to be NULL only. chunk->skb can only be NULL if chunk->head_skb is not NULL. Instead,...
CVE-2026-56138
AIL framework contains a path traversal vulnerability in the /objects/item/diff endpoint. The endpoint accepts item identifiers through the s1 and s2 query parameters and, prior to the fix, attempted to retrieve and compare item contents without first verifying that both referenced items existed ...
PT-2026-50895
Name of the Vulnerable Software and Affected Versions: Apache APISIX versions 3.8.0 through 3.16.0. Description: Improper Validation of Integrity Check Value in the jwe-decrypt plugin under default configuration allows for authentication bypass. Recommendations: Upgrade to version 3.17.0...
PT-2026-50926
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the RDMA (Remote Direct Memory Access) component during the rereg_mr process. When IB_MR_REREG_ACCESS changes from read-only (RO) to read-write (RW), the umem user memory mu...
PT-2026-50979
Name of the Vulnerable Software and Affected Versions: Tilt versions 0.24.0 through 0.37.3. Description: The Tilt HUD WebSocket endpoint /ws/view is susceptible to Cross-site WebSocket Hijacking (CSWSH), a technique where an attacker tricks a victim's browser into establishing a WebSocket connection t...
ALSA-2026:27354 Important: kernel-rt security, bug fix, and enhancement update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service (CVE-2026-31419); kernel: drm/amd/display: Do not skip...