Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: eeprom: at24 – fixed a memory corruption race condition. If the eeprom interface is not accessible, a nvmem device will be registered. In this case, the read operation will fail, and the device will be torn down. If another...

freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This vulnerability, a heap use-after-free, occurs during an auto-reconnect operation when the xfclipboardformatsfree function frees memory that is still being accessed by another thread. A remote attacker could...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...

SUSE-SU-2025:4141-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:4128-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4128-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security issues The following security issue...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2025:4057-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4057-1 advisory. The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issu...

CVE-2025-39932

Summary of CVE-2025-39932 (Linux kernel) : The issue affects the SMB/CIFS path in the Linux kernel where smbd_destroy() could destroy memory if post_send_credits_work is still pending. The root cause is that rxe_post_recv could be invoked after rdma_destroy_qp() due to put_receive_buffer() trigge...

EUVD-2024-16193

Malicious code in bioql PyPI...

Use After Free

Overview usd-core is a Pixar's Universal Scene Description Affected versions of this package are vulnerable to Use After Free. Affected versions of the usd-core package are vulnerable to Use-After-Free due to unsynchronised destruction of SdfPrimPathNode objects in the SdfPathNode module that...

PT-2025-37587

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the handling of huge pages. Specifically, a race condition could occur when decrementing the h-resv huge pages counter outside of the huget...

Linux Distros Unpatched Vulnerability : CVE-2022-49910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between the following two flows that run in parallel: 1...

Linux Distros Unpatched Vulnerability : CVE-2025-37772

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix workqueue crash in cmaneteventworkhandler struct rdmacmid has member struct...

CLSA-2025-1751145522 python3.11: Fix of CVE-2024-0397

CVE-2024-0397: fix memory race condition in ssl.SSLContext methods certstorestats and getcacerts...

CVE-2022-49999

CVE-2022-49999 : In the Linux kernel, a race between caching free space for a block group and returning free space to the in‑memory space cache for pinned extents can cause double‑adding free space, corrupting the Btrfs free space tree and space cache. Symptoms include EEXIST when re‑adding freed...

TencentOS Server 4: python3.12 (TSSA-2024:0713)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0713 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 4: python3.11 (TSSA-2024:0947)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0947 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Linux Distros Unpatched Vulnerability : CVE-2024-0397

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A defect was discovered in the Python ssl module where there is a memory race condition with the ssl.SSLContext methods certstorestats and getcacerts. The race...

Medium: python3

Issue Overview: A defect was discovered in the Python "ssl" module where there is a memory race condition with the ssl.SSLContext methods "certstorestats" and "getcacerts". The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContex...

Azure Linux 3.0 Security Update: python3 (CVE-2024-0397)

The version of python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0397 advisory. - A defect was discovered in the Python ssl module where there is a memory race condition with the...

BIT-PYTHON-MIN-2024-0397 Memory race condition in ssl.SSLContext certificate store methods

A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as durin...