2811 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: smb/client: fixed a memory leak in smb2openfile Steps to reproduce the issue: 1. Server: Directories are exported as read-only. 2. Client: mount -t cifs //$serverip/export /mnt. 3. Client: dd if=/dev/zero of=/mnt/file bs=512...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A use-after-free bug in nilfsroot has been fixed in nilfsevictinode. During the unmount process of nilfs2, nothing holds the nilfsroot structure after nilfs2 detaches its writer in nilfsdetachlogwriter. However, since...
Astra Linux - уязвимость в linux
A issue was discovered in Linux: improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks and cause pages to be freed while still accessible by the VMM and guest. This allows users who have the ability to start and control a VM to read/write random pages of memory, potentially leading ...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed the use-after-free bug of nswriter when remounting the filesystem. If a nilfs2 filesystem is downgraded to read-only due to metadata corruption on the disk, and it is remounted with read/write access, or if an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: dm-raid456, md/raid456: fixed a deadlock issue for dm-raid456 when io operations are concurrent with reshape operations. For raid456, if reshape is still in progress, then IO operations across the reshape position will wait fo...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the overloading of the meaning of MEMUNINIT Lonial reported an issue in the BPF verifier, where checkmemsizereg contains the following code: c if !tnumisconstreg-varoff / For unprivileged variable accesses, disable raw...
Astra Linux - уязвимость в linux-5.10, linux
In the context of dm-verity-target.c, there is a potential way to modify read-only files due to a missing permission check. This could lead to a local escalation of privileges, as System execution privileges are required. User interaction is not necessary for exploiting this vulnerability. Produc...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: The issue of slab-use-after-free occurred due to a dangling pointer dqipriv. When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses the syscall to call ocfs2getnextid...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Rejects new transactions if the file system is fully read-only. BUG There is a bug report where a heavily fuzzed file system is mounted with all rescue mount options. This leads to the following warnings during unmount:...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: bridge: Fixed a null pointer dereference in the vlan tunnel destination. This patch addresses a issue where a null pointer dereference occurred due to lockless access in the tunnel egress path. When deleting a vlan tunnel, t...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Do not force clear the buffer if it is referenced. The patch series “nilfs2: Protect busy buffer heads from being forced to be cleared” addresses inconsistencies in buffer head states reported by syzbot. These...
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021583)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021583 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SBRDONLY after filesystem errors When the filesystem is mounted with...
CVE-2026-27173
JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of...
CVE-2026-27173
JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of...
EUVD-2026-30977
JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of...
CVE-2026-27173 Apache Airflow CNCF Kubernetes provider: JWT Token Exposure in KubernetesExecutor Command-Line Arguments
JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of...
CVE-2026-27173 Apache Airflow CNCF Kubernetes provider: JWT Token Exposure in KubernetesExecutor Command-Line Arguments
JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actions that were only available to running tasks via Task SDK and potentially allow to modify state of...
CVE-2026-27173
CVE-2026-27173 affects the Apache Airflow CNCF Kubernetes provider where JWT tokens used by workers in Kubernetes Executors can be exposed to users with read-only access to Kubernetes Pods. The issue arises from tokens being exposed in command-line arguments, potentially enabling read-only users ...
CVE-2026-45386
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, Pin/Unpin is a write operation modifies the message's ispinned , pinnedby, pinnedat fields, but in standard channels it only checks read permission, allowing users with read-only...