Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Tracing: Build event generation tests are now performed only as modules. The kprobes and synth event generation test modules add events and lock those event files during the module initialization function. They also unlock and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: The registration of structops that uses the module ptr was rejected, and the module btfid is missing. There is a UAF report in bpfstructops when CONFIGMODULES=n. Specifically, the issue relates to tcpcongestionops, which has...

Astra Linux - уязвимость в linux-astra-modules-5.4, linux-astra-modules-5.15, linux-astra-modules-5.10

The vulnerability of the pdplget function in the Linux-astra-modules kernel module is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause a service failure...

Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, as well as Ansible Tower in versions 3.4.5, 3.5.5, and 3.6.3. This issue occurs when using modules that decrypt vault files, such as assemble, script, unarchive, wincopy, awss...

Astra Linux - уязвимость в linux, linux-6.1, linux-5.15, linux-5.10, linux-astra-modules-5.4, linux-astra-modules-6.1, linux-astra-modules-5.10, linux-astra-modules-5.15

The vulnerability of Linux Astra Modules’ kernel modules is related to insufficient validation of input data. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

Astra Linux - уязвимость в linux-astra-modules-5.10, linux-astra-modules-5.15, linux-astra-modules-6.1

The vulnerability of Linux Astra Modules relates to errors during thread blocking. Exploiting this vulnerability allows an attacker to compromise data integrity and also cause service failures through the use of a specially created file system...

Astra Linux - уязвимость в linux-astra-modules-5.4, linux-astra-modules-5.10

The vulnerability of the parsec inodegetsecid function in the linux-astra-modules kernel module is related to improper memory release after its use. Exploiting this vulnerability allows an attacker to cause service failures...

Astra Linux - уязвимость в openssl

Issue summary: A timing side-channel that could potentially allow the recovery of the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow an attacker to recover the private key. However, measuring the timing woul...

Astra Linux - уязвимость в linux-astra-modules-5.10, linux-astra-modules-6.1, linux-astra-modules-5.15

The vulnerability of Linux Astra Modules’ kernel modules is related to insufficient validation of input data. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

Astra Linux - уязвимость в linux-astra-modules-5.4, linux-astra-modules-5.10

The vulnerability of the parsechooksetxattr function in the Linux kernel-module astra-modules is related to the lack of checking for the returned value. Exploiting this vulnerability allows a perpetrator to cause a service failure...

Astra Linux - уязвимость в golang-1.19

The go command may generate unexpected code during build time when using cgo. This can lead to unexpected behavior when running a Go program that uses cgo. This issue may occur when running a trusted module that contains directories with newline characters in their names. Modules retrieved using...

Astra Linux - уязвимость в apache2

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch, especially when an extremely large input buffer is used. Although no code distributed with the server can be forced to make such a call, third-party modules or Lua scripts that us...

Astra Linux - уязвимость в linux-astra-modules-5.4, linux-astra-modules-5.10

The vulnerability of the parsec inodesetattr function in the Linux-astra-modules kernel module is related to the assignment of a null pointer. Exploiting this vulnerability allows an attacker to cause service failures...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

The “Use After Free” vulnerability in the Linux kernel allows for the execution of code in a local environment on Linux, x86, and ARM bluetooth modules. This vulnerability is associated with the program file https://gitee.com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This...

RHEL 8 : python3 (RHSA-2026:19549)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19549 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

A flaw was found in Python's decompression modules, including lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile. This vulnerability, a use-after-free, can occur if a program attempts to re-use a decompression object after a memory allocation error, especially when the system is...