1370 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tee: added a overflow check in registershmhelper When special lengths are provided by the user space, registershmhelper may cause an integer overflow when calculating the number of pages covered by a given user space memory regio...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm/shmem, swap: fixed the soft lockup issue with mTHP swapin. The following soft lockup can be easily reproduced on my test machine using the following command: echo always...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: Invoking MMU notifiers in shmem/file collapse paths. Any code path that updates page table entries must invoke MMU notifiers to ensure that secondary MMUs such as those related to KVM do not continue to access page...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree. If virtiogpuobjectshmeminit fails e.g., due to fault injection, as happened in the bug report by syzbot, virtiogpuarrayputfree might be called with objs being NUL...
Astra Linux – Vulnerability in Wayland
An internal reference count is maintained on the buffer pool; this count increments every time a new buffer is created from the pool. The reference count is stored as an integer. On LP64 systems, this can lead to an overflow if the client creates a large number of wlshm buffer objects, or if it...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed the issue where NULL sndbufdesc was used in smccdctxhandler. When performing a stress test on SMC-R using the rmmod mlx5ib driver during the wrk/nginx test, we found that there is a possibility of triggering a pani...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: fixed a refcount bug in skpsockget2. Syzkaller reported the refcount bug as follows: ------------ cut here ------------ refcountt: saturated; memory was leaking. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/tests: shmem: Holding the reservation lock around vmap/vunmap operations Acquiring and releasing the reservation lock of the GEM object during vmap and vunmap operations. The tests used vmaplocked, which caused errors such...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: For mm/shmem and swap: The race between the truncate operation and the swap entry splitting has been fixed. The helper function for shmem swap does not handle the order of swap entries correctly. It uses xacmpxchgirq to erase...
Astra Linux – Vulnerability in Linux, Linux 5.10
A memory leak flaw in the Linux kernel’s hugetlbfs memory usage was discovered in the way that the system maps some regions of memory twice using shmget. These mappings are aligned according to PUD alignment, resulting in some memory pages being misaligned. A local user could exploit this flaw to...
Astra Linux – Vulnerability in Linux, Linux 5.10
A flaw was discovered in the Linux kernel. Measuring the usage of shared memory does not scale well with large counts of shared memory segments, which could lead to resource exhaustion and Denial-of-Service attacks...
EUVD-2026-38002
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources creating a write use after free scenario. A shared resource memory page managed by a CPU thread of control driver and accessed by a GPU thread of control Firmware can caus...
PT-2026-50866
Name of the Vulnerable Software and Affected Versions GPU DDK affected versions not specified Description Software run by a non-privileged user can perform improper GPU system calls leading to resource mismanagement. This occurs when a shared memory page, managed by a CPU driver thread and access...
CVE-2026-53844
OpenClaw before 2026.4.29 contains a session visibility check bypass vulnerability in shared memory search that allows authenticated callers to access memory entries without proper authorization. Attackers can skip session visibility guards on the search path to retrieve memory entries that shoul...
CVE-2026-53844
OpenClaw vulnerability CVE-2026-53844 affects OpenClaw prior to version 2026.4.29, involving a session visibility check bypass in the shared memory search path. The issue enables authenticated callers to skip session visibility guards and access memory entries that should not be visible to their ...
PT-2026-49761
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.29 Description A session visibility check bypass exists in the shared memory search of the memory-wiki feature. This allows authenticated callers to skip session visibility guards on the search path, enabling...
CVE-2026-48006
A flaw was found in netty-codec-redis. A remote attacker can exploit this vulnerability by repeatedly closing Redis pipeline connections before a Redis array aggregate completes. This leads to a permanent leak of direct-memory buffers, which prevents memory chunks from being returned to the share...
EUVD-2026-36606
An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disrupt the operation of another secure GPU process leading to image corruption / GPU hardware recover...
CVE-2022-26758
A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4...
CVE-2022-26758
A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4...