Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the renegotiation of the AUDIN format freed the active format list, while the capture thread continued to use audin-format. This led to a use after free in audioformatcompatible. This vulnerability has been...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RISCV: Vector: Fixed the context saving/restoring with xtheadvector. Previously, only v0-v7 were correctly saved/restored, and the context of v8-v31 was corrupted. Now, v8-v31 are correctly saved/restored to avoid breaking the us...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: comedi: A memory leak has been fixed in compatinsnlist. compatinsnlist handles the 32-bit version of the COMEDIINSNLIST ioctl function when CONFIGCOMPAT is enabled. It allocates memory to temporarily hold an array of struct...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k: Fixed the registration of a 6Ghz-only physical interface without the full channel range. Due to what appears to be a typographical error, the 6Ghz-only physical interface for which the BDF does not allow the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: regmap-irq: The new numconfigregs property was introduced in regmapaddirqchipfwnode. The commit faa87ce9196d “regmap-irq: Introduce config registers for irq types” added the numconfigregs property. The commit 9edd4f5aee84...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/damon: The issue of dividing by zero in damongetintervalsscore has been fixed. The current implementation allows regions with zero size without any special reasons, but damongetintervalsscore crashes when the region size is ze...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/rtas: Use the correct function name for resetting TCE tables. The PAPR specification specifies that the function name should be written as “ibm,reset-pe-dma-windows”. However, in practice, the firmware uses the singula...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid data corruption caused by decline. We identified a data corruption issue during testing of SMC-R in Redis applications. The benchmark has a low probability of reporting a strange error, as shown below: “Error:...

OESA-2026-2143 xorg-x11-server-xwayland security update

Xwayland is an X server for running X clients under Wayland. %package devel Summary: Development package Requires: pkgconfig %description devel The development package provides the developmental files which are necessary for developing Wayland compositors using Xwayland. %prep %autosetup -n...

Fedora 44 : krb5 (2026-8b43ea2f82)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-8b43ea2f82 advisory. Fix NegoEx parsing vulnerabilities CVE-2026-40355, CVE-2026-40356 Add upstream patches to build against openssl 4.0 Make configure.ac work with...

CVE-2026-31781

A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically in the drm/ioc32 component. This vulnerability, related to speculative execution a technique used by modern processors to guess future instructions, allows a local attacker to potentially disclose sensitiv...

CVE-2026-31781

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

EUVD-2026-26594

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

PT-2026-36416

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The drm compat ioctl path accepts a user-controlled pointer and dereferences it into a table of function pointers. This pattern is characteristic of Spectre problems, which are...

Exploit for CVE-2026-31431

CVE-2026-31431 - AFALG AEAD Splice UAF PoC Multi-language im...

PT-2026-36101

Name of the Vulnerable Software and Affected Versions nanobot affected versions not specified Description An issue exists where including the | character in a sender address allows an attacker to bypass the Channel allowlist. This bypass provides full access to the Agent Loop, exposing all tools,...

AlmaLinux 10 : xorg-x11-server-Xwayland (ALSA-2026:11352)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:11352 advisory. xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server:...

AlmaLinux 8 : xorg-x11-server (ALSA-2026:11692)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:11692 advisory. xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server:...

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...