12952 matches found
Astra Linux – Vulnerability in Linux 5.15
A issue was discovered in the Linux kernel before version 6.3.10. The file fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, resulting in a out-of-bounds read...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: “mm/writeback: fix possible divide-by-zero in wbdirtylimits, again” This issue was addressed by reverting to the previous behavior. The patch series “mm: Avoid possible overflows in dirty throttling” also addresses this issue. Th...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: block: Do not revert the iterator for -EIOCBQUEUED. The blkdevreaditer function includes some unusual checks. For example, it gates the position and count adjustment based on whether the result is greater than or equal to zero...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drivers/base/node.c: Fixed the issue of the compaction sysfs file leaking. The compaction sysfs file is created using compactionregisternode in registernode. However, we forgot to remove it in unregisternode. As a result, the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: Deallocating the damoncall function fails, resulting in the damonctx object being leaked. The damonstatstart function always allocates the module’s damonctx object damonstatcontext. However, if the damoncall functi...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4prepareInlinedata When running the following code on an ext4 filesystem with the inlinedata feature enabled, the following bug will occur. fd = open"file1", ORDWR | OCREAT | OTRUNC, 0666;...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/ipv6: avoided a possible Use After Free UAF in ip6routempathnotify syzbot discovered another use-after-free in ip6routempath Notify. 1 The commit f7225172f25a “net/ipv6: prevent use after free in ip6routempath Notify” fail...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: tee, amdtee: fixed the use-after-free vulnerability in amdteeclosesession. There is a potential race condition in amdteeclosesession that may cause a use-after-free in amdteeopenSession. For example, if a session has a referen...
Exploit for Write-what-where Condition in Linux Linux_Kernel
DirtyFrag CVE-2026-43284 PoC Validation and auditd Detection...
CVE-2026-46330
The CVE-2026-46330 entry concerns the Linux kernel TCP ULP support for SMC. The vulnerability arises when an active TCP socket is converted into an SMC socket by in-place modifications to core VFS structures (struct file, dentry, inode), violating VFS invariants that expect these structures to be...
Amazon Linux 2023 : nvidia-imex (ALAS2023NVIDIA-2026-288)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-288 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...
TencentOS Server 3: kernel (TSSA-2026:0419)
"The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0419 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilitie...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper setting of vmaflags in the vb2dmasgmmap function within media videobuf2. This...
Dirty-cow-exploit
System Documentation Architecture - Frontend: React 19...
UBUNTU-CVE-2026-46266
In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTORAW MUST drop incoming ICMP Yizhou Zhao reported that simply having one RAW socket on protocol IPPROTORAW 255 was dangerous. socketAFINET, SOCKRAW, 255; A malicious incoming ICMP packet can set the...
UBUNTU-CVE-2026-46263
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as an index into streamencregs, which has only 5 entries. When engid is ...
UBUNTU-CVE-2026-46253
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistentramsaveold persistentramsaveold can be called multiple times for the same persistentramzone e.g., via ramoopspstoreread - ramoopsgetnextprz for PSTORETYPEDMESG records. Currently, the...
UBUNTU-CVE-2026-46246
In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916lbc: Fix use-after-free for extcon in IRQ handler Using the devm variant for requesting IRQ before the devm variant for allocating/registering the extcon handle, means that the extcon handle will be...
UBUNTU-CVE-2026-46269
In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference when parsing devicetree When probing the k230 pinctrl driver, the kernel triggers a NULL pointer dereference. The crash trace showed: 0.732084 Unable to handle kernel NULL point...
UBUNTU-CVE-2025-71314
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...