10711 matches found
Astra Linux - уязвимость в parsec
The vulnerability of the parselevcat function in the PARSEC security subsystem is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: Media: PCI: cx23885: Fixed error handling in cx23885initdev When the driver fails to call dmasetmask, the driver will encounter the following error: 55.853884 BUG: KASAN: Use-after-free in processremoveddriver+0x3c/0x240 55.85448...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: md: fixed a deadlock between mddevsuspend and flush Bio A deadlock occurs when mddev is suspended while some of the flush Bio operations are still in progress. This is a complex issue. T1: The first flush occurs at the end of...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: jffs2: fixed a use-after-free in jffs2clearxattrsubsystem When we mount a jffs2 image, it is assumed that the first few blocks of the image are normal and contain at least one xattr-related inode. However, the next block is...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify the content returned by parseintarray. The first element of the returned array stores its length. If it is 0, any manipulation beyond the element at index 0 will result in a null-ptr-deref error...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: rds: Fixed a possible NULL pointer dereferencing issue. In the rdsrdmacmeventhandlercmn function, a check was performed to ensure that the conn pointer exists before dereferencing it as an argument for rdmasetservicetype. Th...
Astra Linux - уязвимость в linux
A out-of-bounds memory write flaw was discovered in the Linux kernel’s joystick devices subsystem in versions prior to 5.9-rc1. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. The greatest threat posed by this vulnerability is related to...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Do not call freepagesexact with a NULL address. Unlike some other functions, we cannot pass a NULL pointer to freepagesexact. Adding a proper NULL check is necessary to avoid potential errors...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: HID: appleir: Fixed potential NULL dereference at the raw event handle. Syzkaller reported a NULL pointer dereference issue in inputevent. BUG: KASAN: NULL pointer dereference in instrumentatomicread,...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fixed the erroneous cleanup order. There is a logical error when removing the rt5645 device. The function rt5645i2cremove first cancels the &rt5645-jackdetectwork and then deletes the &rt5645-btnchecktimer. However,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021617 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021534)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021534 advisory. A deadlock flaw was found in the Linux kernels BPF subsystem. This flaw allows a local user to potentially crash the system. Tenable has extracted the preceding...
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-8274-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8274-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
USN-8279-1 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-realtime vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
USN-8278-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
USN-8277-1 linux, linux-aws, linux-hwe-6.17, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux-realtime-6.17 vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
USN-8277-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...
kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...
Advisory ROSA-SA-2026-3286
Software: kernel-ml 5.15.207 OS: rosa-server79 unaffected versions = kernel-ml-5.15.207-1.0.1.res7 affected versions kernel-ml-5.15.207-1.0.1.res7 CVE-ID: CVE-2026-31431 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in the Linux kernel crypto subsystem crypto: algifaead. Attempts to perfor...
kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...