USN-8278-2: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8310-1: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8310-1 linux-azure, linux-azure-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

A flaw was found in libpng, a library used for processing PNG Portable Network Graphics image files. This vulnerability arises from improper memory management where a heap-allocated buffer is aliased between internal data structures. When specific functions are called, a freed memory region can...

USN-8289-2: Linux kernel (NVIDIA) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8296-2 linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...

Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-8297-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8297-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...

APT-Agent: Automated Penetration Testing Using Large Language Models

Penetration testing is essential to securing modern web infrastructures, yet traditional manual methods struggle to keep pace with their scale and complexity. Large Language Models LLMs offer new opportunities for automating these tasks, but existing approaches face two persistent challenges:...

USN-8277-2 linux-oracle-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8296-1: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...

OESA-2026-2418 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:mm/mempolicy: fix migratetonode assuming there is at least one VMA in a MMWe currently assume that there is at least one VMA in a MM, which isn ttrue.So we might...

OESA-2026-2417 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:mm/mempolicy: fix migratetonode assuming there is at least one VMA in a MMWe currently assume that there is at least one VMA in a MM, which isn ttrue.So we might...

CLSA-2026-1779434490 kernel: Fix of 100 CVEs

tracing: Verify event formats that have "%p.." CVE-2025-37938 - HID: pidff: Fix null pointer dereference in pidfffindfields CVE-2025-37862 - scsi: st: Fix array overflow in stsetup CVE-2025-37857 - drm/amdkfd: debugfs hanghws skip GPU with MES CVE-2025-37853 - mm/vmscan: don't try to reclaim...

CVE-2026-43494

A flaw was found in the Linux kernel, specifically within the net/rds module. When a zerocopy page pin operation fails, a counter used for memory management opnents is not correctly reset. This can result in a double-free vulnerability, where the same memory is released twice. A local attacker...

Astra Linux - уязвимость в webkit2gtk

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, and watchOS 10.6. Processing maliciously crafted web content may lead to an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the issue where mr-map was freed twice. The function rxemrcleanup, which attempts to free mr-map again, will be called when rxemrinituser fails. CPU: 0, PID: 4917, Comm: rdmaFlushserv, Kdump: loaded, Not tainted,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fixed a memory leak in amdsofacpprobe The driver uses kasprintf to initialize the fwcode,databin members of struct acpdevdata, but kfree is never called to deallocate the memory, resulting in a memory leak. This...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: Independent PMD page table shared count The refcount of the folio may be unexpectedly increased through functions like trygetfolio by callers such as splithugepages. In hugepmdunshare, we use the refcount to check...