Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipc: fixed to protect IPCS lookups using RCU. syzbot reported that it discovered a use-after-free vulnerability, 0. 0: https://lore.kernel.org/all/[email protected]/ idrforeach is protected by rwsem, but...

EUVD-2026-38002

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...

CVE-2026-53844

OpenClaw before 2026.4.29 contains a session visibility check bypass vulnerability in shared memory search that allows authenticated callers to access memory entries without proper authorization. Attackers can skip session visibility guards on the search path to retrieve memory entries that shoul...

CVE-2026-53844

OpenClaw vulnerability CVE-2026-53844 affects OpenClaw prior to version 2026.4.29, involving a session visibility check bypass in the shared memory search path. The issue enables authenticated callers to skip session visibility guards and access memory entries that should not be visible to their ...

PT-2026-49761

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.29 Description A session visibility check bypass exists in the shared memory search of the memory-wiki feature. This allows authenticated callers to skip session visibility guards on the search path, enabling...

CVE-2026-48006

A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by repeatedly closing Redis pipeline connections before a Redis array aggregate completes. This leads to a permanent leak of direct-memory buffers, which prevents memory chunks from being returned to the share...

EUVD-2026-36606

An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disrupt the operation of another secure GPU process leading to image corruption / GPU hardware recover...

CVE-2022-26758

A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4...

CVE-2022-26758

A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Monterey prior to 12.4 contained security vulnerabilities due to memory corruption issues, which could lead to unexpected changes in shared memory between processes...

CVE-2026-0466

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

CVE-2026-0466

CVE-2026-0466 involves AMD uProf with improper access control. A local user may write to the kernel-shared memory section, potentially causing a crash or denial of service. Documents reference AMD’s security bulletin AMD-SB-9025, but provide no version-specific details or remediation steps. No ex...

CVE-2026-46330

A flaw was found in the Linux kernel's TCP User-Level Protocol ULP support for SMC. This vulnerability arises when an active TCP socket is converted into an SMC socket, as the implementation attempts to modify core Virtual File System VFS structures in-place. This action violates fundamental VFS...

CVE-2026-46330

In the Linux kernel, the following vulnerability has been resolved: Revert "net/smc: Introduce TCP ULP support" This reverts commit d7cd421da9da2cc7b4d25b8537f66db5c8331c40. As reported by Al Viro, the TCP ULP support for SMC is fundamentally broken. The implementation attempts to convert an acti...

AMD uProf 安全漏洞

AMD uProf is a cross-platform performance analysis tool developed by AMD, a company specializing in semiconductors. AMD uProf has a security vulnerability that stems from improper access control. This vulnerability could allow local attackers with user privileges to write to the kernel’s shared...

PT-2026-48128

Name of the Vulnerable Software and Affected Versions AMD uProf affected versions not specified Description Improper access control in AMD uProf allows a local attacker with user privileges to write to the kernel-shared memory section. This issue involves a kernel write primitive in the...

CVE-2025-66660

Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDSRIOVCHECKTACOMPAT to cause incorrect shared memory mapping, potentially resulting in unexpected behavior...

CVE-2026-7431

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache Tomcat Connectors vulnerability (USN-8369-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8369-1 advisory. It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like...

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...