Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: In the TCP layer, the secpath process is dropped simultaneously with the current dst process. Xiumei reported encountering a warning in xfrm6tunnelnetexit while running tests that involve creating a pair of netns, running a basic...

Astra Linux – Vulnerability in GhostScript

A issue was discovered in Artifex Ghostscript prior to version 10.05.0. The NPDL device has a Compression buffer overflow in the contrib/japanese/gdevnpdl.c file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: corrected incorrect kunmap when using LZMA on HIGHMEM platforms As shown in the call trace, the root cause is incorrect pages handled by kunmap: BUG: Kernel NULL pointer dereferencing, address: 00000000 CPU: 1 PID: 40 Comm...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fix to wait on block writeback in the postread case. If the inode is compressed but not encrypted, the function f2fswaitonblockwriteback was not called properly to wait for the GC-ed page writeback in the IPU write path...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: Fixed to ensure that compressed blocks are persisted during checkpointing. If the data block in a compressed cluster is not persisted with metadata during a checkpoint, after SPOR, the data may become corrupted. W...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fixed the issue to cover normal cluster writes using cprwsem. When we overwrite a compressed cluster with a normal cluster, we should not unlock cprwsem during f2fswriterawpages. Otherwise, data will be corrupted ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: soc-compress: Repositioned and added pcmmutex. If paniconwarn is set and the compress stream DPCM is initiated, then a kernel panic occurs because card-pcmmutex is not properly locked. In the following functions, a warni...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: does not allow unaligned truncation on released compress inode An F2FS image may become corrupted after performing the following test cases: - mkfs.f2fs -O extraattr,compression -f /dev/vdb - mount /dev/vdb...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: fixed an issue where the algorithm used for encoded extents was invalid. The current algorithm sanity checks do not properly apply to newly encoded extents. We need to unify the algorithm checks with the...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid updating the compression context during writeback Bai, Shuangpeng reported a bug as follows: Oops: division error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull...

Astra Linux – Vulnerability in nghttp2

nghttp2 is an implementation of the Hypertext Transfer Protocol Version 2 in C. The nghttp2 library prior to version 1.61.0 continued to read an unlimited number of HTTP/2 CONTINUATION frames even after a stream was reset, in order to keep the HPACK context synchronized. This caused excessive CPU...

Astra Linux – Vulnerability in curl

curl 7.84.0 supports “chained” HTTP compression algorithms, which means that a server response can be compressed multiple times, possibly using different algorithms. The number of allowable “links” in this “decompression chain” is unlimited, allowing a malicious server to insert virtually an...

Astra Linux – Vulnerability in zlib, libz-mingw-w64

Before version 1.2.12, zlib allowed memory corruption during deflation i.e., when compressing if the input contained many distant matches...

Astra Linux – Vulnerability in Jetty9

In Eclipse Jetty versions 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0alpha0 to 10.0.0.beta2, and 11.0.0alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, then if an attacker can send a request with a body that ...

[SECURITY] Fedora 42 Update: openvpn-2.6.20-1.fc42

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for...

CVE-2026-31767

A flaw was found in the drm/i915/dsi module of the Linux kernel. Incorrect horizontal timing adjustments for Display Stream Compression DSC in command mode can lead to a division-by-zero error. This occurs when the adjusted horizontal total htotal becomes too small, causing the kernel to crash wh...

CVE-2026-31767

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode Stop adjusting the horizontal timing values based on the compression ratio in command mode. Bspec seems to be telling us to do this only in video mode, and...

EUVD-2026-26580

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode Stop adjusting the horizontal timing values based on the compression ratio in command mode. Bspec seems to be telling us to do this only in video mode, and...

CVE-2026-31767

Summary: CVE-2026-31767 relates to the Linux kernel DRM/i915/dsi path and fixes an issue where DSC horizontal timing adjustments were applied in command mode, potentially causing a div-by-zero when calculating vtotal. The underlying fix prevents adjusting htotal based on compression ratio in comm...

EUVD-2026-26511

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...