PT-2026-43780

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bridge multicast component where the mdb n entries count for VLAN contexts is updated conditionally. This can lead to a state where a decrease operation is perform...

CVE-2026-45913

net: bridge: mcast: always update mdbnentries for vlan contexts...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistent conditions for updating the mdbnEntries count in VLAN context during bridge multicas...

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

ADB TLS Auth Bypass Exploit CVE-2026-0073 An automated netw...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: - In net: The variable sk-skfamily was read once in the function skmcloop. - syzbot is frequently using IPV6ADDRFORM; it managed to trigger the WARNONONCE1 function in skmcloop. We have many more similar issues that need to be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ip6mr: Fixed the UAF issue in ip6mrskDone, where a invalid pointer access occurred when addrconfinitnet failed. If the initialization fails during the call to addrconfinitnet, devconfall is a pointer that has been released...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: afpacket: moved the notifier’s packetdevmc out of the RCU critical section. Syzkaller reports the following issue: BUG: A sleeping function is called from an invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Bridge: mcast: Fixed a use-after-free during router port configuration. The bridge maintains a global list of ports behind which a multicast router resides. This list is consulted during forwarding to ensure that multicast packet...

Astra Linux - уязвимость в atftp

There is an exploitable denial-of-service vulnerability in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests triggers an assert call, resulting in a denial-of-service attack. An attacker can send a sequence of malicious packets...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: Fix memory leak in ipmcadd1src BUG: Memory leak Unreferenced object: 0xffff888101bc4c00 size 32 Command: “syz-executor527”, pid 360, jiffies 4294807421 age 19.329s Hex dump first 32 bytes: 00 00 00 00 00 00 00 00 00 00...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquiring RTNL before calling ip6mrfreetable in the failure path The ip6mrfreetable function can only be called under an RTNL lock condition. RTNL: assertion failed at net/core/dev.c 10367 WARNING: CPU: 1 PID: 5890 at...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: IGMP: Fixed race conditions related to sysctligmpqrv. When reading sysctligmpqrv, it can be changed concurrently. Therefore, we need to add READONCE to its readers. This test can be incorporated into a helper function; such...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: fixed a data race in ipv6mcdown / mldifcwork. idev-mcifccount can be written to 0xffff88813a80c832, which is 1 byte, by task 3771 on CPU 0: mldifcstopwork in net/ipv6/mcast.c:1080 inline ipv6mcdown+0x10a/0x280 in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: removed one synchronizenet call from ipv6mcdown. As discussed in previous discussions commit 2d3916f31891 “ipv6: fix skb drops in igmp6eventquery and igmp6eventreport”, the synchronizenet call in ipv6mcdown is not...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: Ensure that we call ipv6mcdown at most once. There are two reasons why addrconfnotify is called with NETDEVDOWN: Either the network device is actually going down, or IPv6 was disabled on the interface. If either of the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fixed a use-after-free issue when updating multicast route statistics. The cited commit added a dedicated mutex instead of RTNL to protect the multicast route list. This prevents changes to the list while the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021635)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021635 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix steering rules cleanup vport's mc, uc and multicast rules are not deleted in teardo...

Windows Snipping Tool - NTLMv2 Hash Hijack

Exploit Title: Windows Snipping Tool - NTLMv2 Hash Hijack Date: 2026-04-22 Exploit Author: nu11secur1ty Video Demo: https://www.patreon.com/posts/cve-2026-33829-156243398 Vendor Homepage: https://www.microsoft.com Software Link: Built-in Windows Snipping Tool Version: Windows 10, Windows 11,...

CLSA-2026-1778157268 dnsmasq: Fix of CVE-2022-0934

CVE-2022-0934: Fix write-after-free in DHCPv6 relay handling that could be triggered by a crafted packet, leading to denial of service - rfc3315: fix bad reply to DHCPCONFIRM messages wrong message type - rfc3315: fix integer underflow and heap overflow in log6opts STATUSCODE - rfc3315: fix...

CLSA-2026-1778112033 avahi: Fix of CVE-2026-24401

CVE-2026-24401: fix avahi-daemon crash on receipt of unsolicited mDNS responses containing self-referencing CNAME records by detecting CNAME loops in lookuphandlecname to prevent uncontrolled recursion and stack exhaustion; also includes two related DoS fixes in the same lookup path from upstream...