1681 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Use a timestamp to check whether the set element has timed out. A timestamp field is added at the beginning of the transaction; it is stored in the nftablespernetns area. The methods .insert, .deactivate,...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: afunix: The function call kfreeskb is called for the dead unixsk-oobskb in the garbage collection process. syzbot reported a warning in unixgc, which creates a socketpair and sends the fd of one socket to itself using the peer...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: The backend for setting the DEAD bit was changed to use the GC transaction API. The GC transaction API replaces the old and buggy gc API and the busy mark approach. No set elements are removed from async...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: afunix: Initialize sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket. The repro consists of three stages: 1 Create a single cyclic reference with...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftsetrbtree: Fix for overlapping expiration handling during walks. The lazy garbage collection mechanism during insertion, which should remove entries when the timeout occurs, fails to properly release the remainin...
Astra Linux - уязвимость в firefox, thunderbird
After a Garbage Collector compaction, weak maps might have been accessed before they were properly traced. This led to memory corruption and potentially exploitable crashes. This vulnerability affects Firefox 112, Focus for Android 112, Firefox ESR 102.10, Firefox for Android 112, and Thunderbird...
Astra Linux - уязвимость в firefox, thunderbird
During Ion compilation, a garbage collection operation could lead to a “use-after-free” condition, allowing an attacker to write two NUL bytes and cause a potentially exploitable crash. This vulnerability affects Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3...
Astra Linux - уязвимость в firefox, thunderbird
The JIT compiler generated incorrect code for arguments in certain cases. This led to potential use-after-free errors during garbage collection. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Astra Linux - уязвимость в firefox
A use-after-free could occur if a JavaScript realm was being initialized when a garbage collection started. This vulnerability affects Firefox versions earlier than 125...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: afunix: Fixed the garbage collector’s race condition with connect The garbage collector does not account for the risk of an “embryo” being enqueued during garbage collection. If such an “embryo” has a peer that carries SCMRIGHTS,...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fixed a race condition between namespace cleanup and garbage collection for the list:set type. Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and garbage collection of...
Astra Linux - уязвимость в firefox, thunderbird
If a garbage collection was triggered at the right time, a use-after-free could occur during object transplantation. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...
kernel: netfilter: nf_conncount: update last_gc only when GC has been performed
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: update lastgc only when GC has been performed Currently lastgc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high...
Unity Linux 20.1050e / 20.1070e Security Update: kubernetes (UTSA-2026-016823)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016823 advisory. A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching...
USN-8262-1: Lua vulnerability
It was discovered that the Lua parser incorrectly handled garbage collection when processing specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
USN-8262-1 lua5.1 vulnerability
It was discovered that the Lua parser incorrectly handled garbage collection when processing specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
Astra Linux - уязвимость в firefox
Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: afunix: Give up GC if MSGPEEK intervened. Igor Ushakov reported that GC purged the receive queue of an alive socket due to a race with MSGPEEK with a nice repro. This is the exact same issue previously fixed by commit cbcf01128d0...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: Fixed issues where stuck flows occurred during cleanup due to pending work. To clear the flow table when it becomes free, the following sequence typically occurs: 1 The gcstep operation is stopped to disable...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: revisit gc autotuning As of commit 4608fdfc07e1, this issue has been addressed. “netfilter: conntrack: collect all entries in one cycle” The behavior related to conntrack’s garbage collection has been change...