37448 matches found
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fixed race conditions between concurrent hw_params and hw_free calls. Currently, we do not have any proper checks or protections against concurrent calls to hw_params and hw_free ioctls, which may lead to a Use-After-Free...
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: LSM: General protection fault in legacy_parse_param. The usual LSM hook mechanism of “bailing on fail” doesn’t work in cases where a security module may return an error code indicating that it doesn’t recognize an input. In this...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move i915_gem_context.link under ref protection. i915_perf assumes that it can use the i915_gem_context reference to protect its i915->gem.contexts.list iteration. However, this requires that we do not remove the...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Fixed a potential NULL dereferencing on a kmalloc failure. Avoid potential NULL pointer dereferences by checking the return value of kmalloc and properly handling allocation failures...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: afs: Fixed the delayed allocation of a cell’s anonymous key. The allocation of a cell’s anonymous key is performed in a background thread, along with other cell-related operations such as making DNS calls. In the reported bug, th...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: openvswitch: Use RCU protection in ovs_vport_cmd_fill_info. ovs_vport_cmd_fill_info can be called without RTNL or RCU. Use RCU protection and dev_net_rcu to avoid potential UAF (Use-After-Free) errors...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Conditional IBPB mitigation has been added. VMSCAPE is a vulnerability that exploits the insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already...
CVE-2026-43050
In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sock_def_readable. A race condition exists between lec_atm_close setting priv->lecd to NULL and concurrent access to priv->lecd in send_to_lecd, lec_handle_bridge, and lec_atm_send. When the socket is freed via...
CVE-2026-31771
CVE-2026-31771 affects the Linux kernel Bluetooth HCI event handling. The vulnerability arose because hci_store_wake_reason() could be invoked before per-event payload length checks, potentially allowing a short HCI event frame to reach bacpy() prior to validation. The fix restructures wake-addre...
CVE-2026-31704 ksmbd: use check_add_overflow() to prevent u16 DACL size overflow
In the Linux kernel, the following vulnerability has been resolved: ksmbd: use check_add_overflow() to prevent u16 DACL size overflow. set_posix_acl_entries_dacl and set_ntacl_dacl accumulate ACE sizes in u16 variables. When a file has many POSIX ACL entries, the accumulated size can wrap past 65535, causin...
CVE-2026-4918
IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
PT-2026-36437
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the Bluetooth MGMT component where the system fails to properly validate the enc_size provided by the user during the loading of Long Term Keys (LTK). This enc_size is...
PT-2026-36376
In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: prevent counter from being toggled multiple times. Runtime PM counter is incremented / decremented each time the sysfs enable file is written to. If user writes 0 to the sysfs enable file multiple times,...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check the TDLS flag in the ieee80211_tdls_oper function, which could result in a non-TDLS site...
PT-2026-36459
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: RCU-protected codepaths, specifically mpls_forward and mpls_dump_routes, can maintain an inconsistent view of platform_labels versus platform_label during a concurrent resize operation...
Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM
What is CVE-2026-41940? CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40. The flaw, discovered by WatchTowr Labs, exists in the login flow and allows unauthenticated remote attackers to gain unauthorized access to...
Exploit for Protection Mechanism Failure in Microsoft
Exploit bash python3 CVE-2026-32202.py -h usage: CVE-2026-3...
OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts
OpenAI is rolling out Advanced Account Security for people concerned that their ChatGPT or Codex accounts could be potential targets of phishing attacks...
EUVD-2026-26367
In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay. In several places in the code, we have a label to signify the start of the code where a request can be replayed if necessary. However, some of these places were missing the necessary...
CLSA-2026-1777541752 bind: Fix of CVE-2026-1519
CVE-2026-1519: limit NSEC3 iteration count when proving an insecure delegation so a maliciously crafted DNSSEC zone with a high-iteration NSEC3 record cannot exhaust resolver CPU; treat the answer as insecure above the 150-iteration limit. Backport of bind-9.11.36-16.el810.7 RHSA-2026:8352...