618 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid scheduling in rtasosterm. It is unsafe to use rtasbusydelay to handle a busy status from the IBM,os-term RTAS function in rtasosterm: Kernel Panic – Not Syncing: Attempted to kill init! Exitcode = 0x0000000b...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dma-buf: Fixed NULL pointer dereferencing in sanitycheck. If mockchain returns NULL due to a memory allocation failure, it is passed to dmafenceenableswsignaling, resulting in a NULL pointer dereferencing there. Call...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Created a persistent INTx handler. There exists a vulnerability where the eventfd for INTx signaling can be deconfigured. This causes the IRQ handler to be unregistered, but it still allows eventfds to be signaled with ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that generated this warning: msk-pm.localaddrused == 0 WARNING: net/mptcp/pmkernel.c:1071 at...
Astra Linux – Vulnerability in Firefox and Thunderbird
Use-after-free in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: Do not delete the error page from the page cache. This change is very similar to the change made for shmem 1. It addresses the same issue, but for the HugeTLBFS mechanism instead. Currently, when a poisoned HugeTLB pag...
$_internalConvertBucketIndexStats may crash the mongod server when working on no timeseries input
The $internalConvertBucketIndexStats stage used PauseExecution as a way to signal "skip this document" when an index stats conversion failed. But PauseExecution is not a general purpose skip mechanism, but rather a TeeBuffer-internal signal used solely by $facet to coordinate its sub-pipelines...
FreeBSD Security Advisory - FreeBSD-SA-26:25.thr
FreeBSD Security Advisory - When used to deliver a signal to a specific thread, thrkill22 called pcansignal to determine whether the operation was permitted but did not check the result before delivering the signal. The signal was sent even when the permission check failed. The system call return...
CVE-2026-39864
Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...
CVE-2026-10629
SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
CVE-2026-10629
SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...
CVE-2026-10629
SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...
CVE-2026-10629 CVE-2026-10629
SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...
CVE-2026-10629 CVE-2026-10629
SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...
EUVD-2026-33945
SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...
CVE-2026-10629
CVE-2026-10629 concerns Verizon IMS SIP signaling lacking IPsec integrity protection. The SIP signaling stack (unspecified Verizon IMS version) reportedly sends SIP messages without ESP encapsulation or Security-Client/Security-Server headers, exposing REGISTER, INVITE, MESSAGE, BYE, UPDATE, and ...
PT-2026-45769
Name of the Vulnerable Software and Affected Versions Verizon IMS affected versions not specified Description The SIP signaling stack implements SIP signaling without IPsec integrity protection, specifically lacking Security-Client/Security-Server headers and ESP traffic. This allows an on-path...
Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments
Overview VoLTE deployments on Verizon’s IMS network have operated without negotiated SIP integrity protection. In observed test conditions, SIP signaling—including registration, call setup, and messaging—traveled without IPsec ESP encapsulation and without SIP Security Agreement headers, exposing...
Verizon VoLTE 安全漏洞
Verizon VoLTE is a high-definition voice communication service provided by Verizon based on 4G LTE networks. There is a security vulnerability in Verizon VoLTE, which stems from the fact that SIP signaling does not use IPsec integrity protection. This vulnerability may allow attackers to compromi...