Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions in the QP timer handling function within the RDMA/rxe driver. This vulnerability...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of an asynchronous timer in the mwifiexadaptercleanup function, allowing for the deletion of...

CVE-2026-47077

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackneyh3:awaitresponseloop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received chunk,...

CVE-2026-47077 Unbounded body accumulation in HTTP/3 response loop in hackney

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackneyh3:awaitresponseloop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received chunk,...

PT-2026-43073

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackney h3:await response loop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Ipados

dyld-signing-oracle-poc A controlled exploration of dyld's pa...

CVE-2026-5072

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...

CVE-2026-44931

A flaw was found in malcontent. The newly introduced RecordUsage D-Bus Desktop Bus method in malcontent-timerd allows any user on the system to slowly consume disk space in the /var/lib/malcontent-timerd directory. This can lead to a Denial of Service DoS by exhausting available disk resources,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: Drivers: tty: serial: Fixed a deadlock in sa1100settermios There is a deadlock in sa1100settermios, as shown below: Thread 1 | Thread 2 | sa1100enablems sa1100settermios | modtimer spinlockirqsave //1 | Wait for a while ... |...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks attempting to cancel each other can also occur when using bpfmapupdateelem. More precisely, freeing elements containi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Fixed use-after-free bugs caused by pn532CmdTimeout. When the pn532 UART device is detached, the pn532uartRemove function is called. However, there are no functions in pn532uartRemove that can delete the cmdTimeout...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ACPICA: Added the AMLNOOPERANDRESOLVE flag to the Timer instruction. ACPICA commit ID: 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no arguments are required to be passed for the ASL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed the issue where the timer for a call could start racing with the destruction of the call itself. The rxrpccall structure contains a timer used to handle various timed events related to a call. This timer can be...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fixed a potential refcount underflow for idev. In addrconfmodrstimer, the reference to idev depends on whether rstimer is not pending. Then, the timeout of rstimer was modified. There is a time gap during which, if...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Watchdog: Fixed a possible use-after-free by calling deltimersync. The remove function of this driver calls deltimer. However, that function does not wait for the timer handler to finish executing. This means that the timer handl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ptp: ocp: fixed use-after-free bugs caused by ptpocpwatchdog. The ptpocpdetach function only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, timerdeletesync is not called. This...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: um: time-travel: fix time corruption In the “basic” time-travel mode without =inf-cpu or =ext, we still encounter timer interrupts. These can occur at arbitrary times, for example, while inside the timerread function, which simpl...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: In the tcpdisconnect function, the tcpsksk-fastopenrsk field was cleared. The syzbot reported an error where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. The syzbot reused the server-side TCP Fast Open socket as ...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fixed a situation where a hard lockup occurs in the virtual machine after prolonged inactivity, caused by the periodic HV timer. When advancing the target expiration of the guest’s APIC timer in periodic mode, set the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Media: BTTV – Fixed an issue where a use-after-free error occurred due to the btv-timeout timer. There may be a race condition between the btvirqtimeout function and bttvremove. The timer is set up in the probe phase, and there i...