Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix for null-ptr-deref in iptablenattableinit. We received a report that iptables-restore sometimes triggered a null-ptr-deref at boot time. 0 The issue arises because iptablenattableinit is exposed to user...

Astra Linux - уязвимость в linux

The overlayfs implementation in the Linux kernel failed to properly validate, regarding user namespaces, the setting of file capabilities on files in the underlying file system. Due to the combination of unprivileged user namespaces and a patch carried in the Ubuntu kernel that allows unprivilege...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ns: initialize nslistnode for initial namespaces Make sure that the list is always initialized for initial namespaces...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it does require finishmountkattr to release -mntuserns. Failing domountsetattr does not change that. As the result, we can end up leaking...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Scrubbing packets on bpfredirectpeer When bpfredirectpeer is used to redirect packets to a device in another network namespace, the packets are not scrubbed. This can lead to information about the packets being “misused” in...

Astra Linux - уязвимость в linux-5.10, linux-5.15

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nftchainlookupbyid failed to check whether a chain was active and CAPNETADMIN is in any user or network namespace...

Astra Linux - уязвимость в linux, linux-5.10

A non-privileged write-to-file handler flaw exists in the Linux kernel’s control groups and namespaces subsystem. This flaw allows users to gain access to certain less-privileged processes that are controlled by cgroups, even when those processes have higher-privileged parent processes. This issu...

Astra Linux - уязвимость в linux, linux-5.10

A heap-based buffer overflow flaw was discovered in the way the legacyparseparam function in the Linux kernel’s Filesystem Context functionality verifies the length of the supplied parameters. A non-privileged user if non-privileged user namespaces are enabled, otherwise requiring CAPSYSADMIN...

Astra Linux - уязвимость в runc-app

Runc is a CLI tool for spawning and running containers according to the OCI specification. Runc versions 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be exploited by creating empty files or directories in arbitrary locations within the host filesystem. This is achieved by sharing a...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached returns fals...

CVE-2026-31692

A flaw was found in the Linux kernel's rtnetlink component. An unprivileged local user, leveraging a user namespace, can exploit a missing CAPNETADMIN capability check in the rtnlnewlink function. This allows the user to create paired network devices in arbitrary network namespaces, including the...

CVE-2026-31692

In The Linux kernel, CVE-2026-31692 affects the rtnetlink path: the peer namespace CAP_NET_ADMIN check is missing in rtnl_newlink() when creating paired devices (e.g., veth, vxcan, netkit). This enables an unprivileged user with a user namespace to create interfaces in arbitrary network namespace...

PT-2026-36113

Name of the Vulnerable Software and Affected Versions i18next-http-middleware versions prior to 3.9.3 Description The software passes user-controlled lng and ns values from the getResourcesHandler function directly into i18next.services.backendConnector.loadlanguages, namespaces, … without...

Exploit for Incorrect Authorization in Canonical Ubuntu_Linux

CVE-2023-32629 — OverlayFS Local Full Privilege Escalation Ove...

netfilter: nf_conntrack_expect: skip expectations in other netns via proc

...

justhtml has sanitization bypass in custom policies and programmatic DOM

Summary justhtml 1.17.0 fixes multiple security issues in sanitization, serialization, and programmatic DOM handling. Most of these issues affected advanced or custom configurations rather than the default safe path. Affected versions - justhtml , MathML , SVG / , and MathML text integration poin...

CVE-2026-31496

A flaw was found in the Linux kernel's netfilter subsystem. This vulnerability allows a local user to potentially access or view network connection tracking expectations nfconntrackexpect from other network namespaces netns via the /proc filesystem. This could lead to information disclosure or a...

CVE-2026-31496

Summary: CVE-2026-31496 affects the Linux kernel netfilter nf_conntrack_expect handling across network namespaces. The root cause is a failure to skip or isolate expectations that do not reside in the target netns, enabling a local user to access or view nf_conntrack_expect entries from other nam...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the expectation in nfconntrackexpect that other network namespaces are skipped during proc dump,...

EUVD-2026-24037

OpenBao's Token Store Allows Cross-Namespace Renewal, Revocation...