7671 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: hwmon: The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTOU race conditions, potentially causing divide-by-zer...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dcehwseq before dereferencing it. WHAT hws was checked for being null earlier in dce110blankstream, indicating that hws can be null. This check should be performed whenever hws is used. Cherry-picked from...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: clk: Samsung: exynos-clkout – Assign .num before accessing .hws. The commit f316cdff8d67 annotates the hws member of the struct clkhwonecelldata with countedby. This informs the bounds sanitizer UBSANBOUNDS about the number of...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Disabling MMIO access during SMU Mode 1 reset During Mode 1 reset, the ASIC undergoes a reset cycle and becomes temporarily inaccessible via PCIe. Any attempt to access MMIO registers during this period e.g., from...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Add the missing unmap in sndcx23885hwparams In the error path, add cx23885alsadmaunmap to release the resource acquired by cx23885alsadmamap...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: xfrm: Always flush the state and policy upon the NETDEVUNREGISTER event. syzbot reports that the refcount of “struct xfrmstate” is leaking. unregisternetdevice: Waiting for netdevsim0 to become free. Usage count = 2. reftracke...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add the missing unmap in sndcx88hwparams In the error path, add cx88alsadmaunmap to release the resource acquired by cx88alsa DMAmap...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: Do not exceed the ARM processor CPER record buffer. There is a logic within GHES/CPER that detects whether the sectionlength is too small, but it does not detect whether it is too large. Currently, if the firmware...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Reserve 8 struct clkhw slots for 9FGV0841. The 9FGV0841 has 8 outputs and registers 8 struct clkhw structures. Ensure that there are 8 slots available for these newly registered clkhw pointers. Otherwise, out-of-bounds...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fixed a out-of-bounds behavior when dealing with 0 MW LUTs. The number of MW LUTs depends on the NTB configuration and can be set to zero. In such cases, rounddownpowoftwo will cause undefined behavior and...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: regmap: Fixed a race condition in the hwspinlockirqsave routine. Previously, the address of the shared member &map-spinlockflags was passed directly to hwspinlocktimeoutirqsave. This created a race condition where multiple contex...
UBUNTU-CVE-2026-52937
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...
CVE-2026-52937
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...
PT-2026-51825
Name of the Vulnerable Software and Affected Versions Apple M1 GPUs affected versions not specified Description Apple M1 GPUs retain register file data between compute shader dispatches from different processes. This allows a sandboxed Metal attacker application to execute a GPU reader shader to...
CVE-2026-49269
Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...
PT-2026-52006
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the rtlwifi PCI component. The irq prepare bcn tasklet is initialized in rtl pci init and scheduled upon a RTL IMR BCNINT hardware interrupt. Because thi...
CVE-2026-49269
Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random...
MINI-HWVP-XJ3Q-VVFJ
Bulletin has no description...
USN-8447-3: Google Guest Agent vulnerabilities
USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in Google Guest Agent. Original advisory details: It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker...
Important: containerd
Issue Overview: An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state a...