5002 matches found
CVE-2026-13201
KubeVirt safepath OpenAtNoFollow flaw allows symlink dereferencing via /proc/self/fd when leaf is a symlink, defeating no-follow protection. An attacker with access to a virt-launcher pod could cause virt-handler to apply file ownership or permission changes to an unintended host path. Affected c...
CVE-2026-52814
CVE-2026-52814 affects Gogs’ built-in Go SSH server, where unauthenticated clients can stall the SSH handshake to exhaust file descriptors, spawning unbounded goroutines and causing FD exhaustion that disrupts SSH access. Connected advisories (GHSA-XP79-5MX3-JX52) confirm the vulnerability detail...
EUVD-2026-38907
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate group add input before caching BUG OCFS2IOCGROUPADD can trigger a BUGON in ocfs2setnewbufferuptodate: kernel BUG at fs/ocfs2/uptodate.c:509! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP:...
EUVD-2026-38873
In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...
EUVD-2026-38831
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans sndusbmidigetmsinfo validates the internal MIDIStreaming endpoint descriptor size before using baAssocJackID, but the descriptor walker can still return a class-specific...
EUVD-2026-38832
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has the same descriptor walking pattern as the legacy MIDI parser. It validates bLength against bNumGrpTrmBlock before reading...
Gogs has Unauthenticated Asymmetric Denial of Service (DoS) via SSH Handshake Stall (File Descriptor Exhaustion)
The Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new goroutine without enforcing any read/write deadlines on the underlyin...
PT-2026-51632
The Gogs built-in Go SSH server is vulnerable to an unauthenticated, asymmetric Denial of Service DoS attack. The application accepts inbound TCP connections and passes them to golang.org/x/crypto/ssh.NewServerConn inside a new goroutine without enforcing any read/write deadlines on the underlyin...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: HID: usbhid: Eliminated a recurring out-of-bounds error in usbhidparse. Updated the struct hiddescriptor to better reflect the mandatory and optional parts of the HID descriptor according to the USB HID 1.11 specification. Not...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix refcount leak on error path When failing to allocate reportdesc, opts-refcnt has already been incremented; therefore, it needs to be decremented to prevent the options structure from being permanently locke...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the net: libwx section, the Rx ring descriptor is properly reset after a device reset. When a device reset is triggered due to changes in features, such as toggling Rx VLAN settings, wx-doreset is called to reinitialize the Rx...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fixed the descriptor address in kvmatswapdesc Using “u64 user hva + offset” to obtain the virtual addresses of S1/S2 descriptors seems incorrect, especially when offset is not zero. What we actually want to get for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Fuse: Abort on fatal signal during sync init When sync init is used and the server exits for some reason e.g., error, crash, the filesystem creation will hang during the processing of FUSEINIT. The reason for this issue is that...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel before version 4.8, the usbparseendpoint function in drivers/usb/core/config.c did not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that initiated the operation. That pointer will be used when the device is completed—which could happen at any time ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fixed NULL pointer dereferencing when nosmp is used When nosmp is used in the command line, other CPUs are not brought up, leaving their cpcdescptr NULL. CPU0’s iteration via foreachpossiblecpu dereferences these NULL...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Clear ffseventfd in ffsdataclear. ffsdataclear is indirectly called from both ffsfskillsb and ffsep0release, so it ends up being called twice when userland closes ep0 and then unmounts ffs. If userland provided ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: dmaengine: hisilicon: Added multi-thread support for DMA channels. When a DMA channel is obtained and tried to be used across multiple threads, it can lead to errors and cause the system to hang. bash % echo 100...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/memfd: Fixed an issue where information leaks occurred during the handling of hugetlb folios. When allocating hugetlb folios for memfd, three initialization steps are missing: 1. The folios are not zeroed, resulting in kern...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, the function skbAppendPageFrags should no longer check the pfmemalloc status. The skbAppendPageFrags function is currently used by the afunix and udp.sendpage implementations. In commit 326140063946 “TCP: TX...