Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: posix-timers: A mechanism is added to prevent livelock in the itimerdelete function. The itimerdelete function contains a retry loop when the timer expires simultaneously. On non-RT kernels, this is simply a spin-wait until the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Cancel the mesh send timer when the hdev is removed The meshsenddone timer is not canceled when the hdev is removed, which can cause a crash if the timer triggers after the hdev is gone. Cancel the timer when...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use deltimersync instead of deltimer in the fw reset flow of the halting poll. Replace deltimer with deltimersync in the fw reset polling activation flow. This prevents a race condition that occurs when deltimer is call...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fixed the use-after-free vulnerability in the ether3 driver due to race conditions. In the ether3probe function, a timer is initialized using a callback function called ether3ledoff, which is bound to &prevdev-timer...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: serial: 8250port: Check IRQ data before use If the leaf driver wishes to use IRQ polling irq = 0, and the IIR register indicates that an interrupt occurred in the 8250 hardware, the IRQ data can be NULL. In such cases, we need to...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reordering cleanup operations to avoid UAF bugs The dreamcastcard-timer could schedule the spudmawork, and the spudmawork could also arm the dreamcastcard-timer. When the sndpcmsubstream is closing, the aicachanne...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscachecookielrutimer when fscache exits to avoid UAF The fscachecookielrutimer is initialized when the fscache module is inserted, but is not deleted when the fscache module is removed. If timerreduce is called...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Failure in bpftimercancel when the callback is being canceled Given a schedule: timer1 cb timer2 cb bpfhrtimer.canceltimer2; bpfhrtimer.canceltimer1; Both bpfhrtimer.cancel calls will wait for the other callback to complete...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe function, we should remove the polling timer that was alarmed earlier, otherwise the timer is called with arguments that a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: rtc: Check whether the rtcreadtime call was successful in rtctimerdowork. If the rtcreadtime call fails, the struct rtctime tm; structure may contain uninitialized data, or an illegal date/time reading from the RTC hardware may...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fixed a potential deadlock warning from the deltimersync call in isr. When deltimersync is called in an interrupt context, a warning is thrown due to a potential deadlock. The timer is only used to exit from...

Astra Linux - уязвимость в linux-5.15

A use-after-free vulnerability was discovered in the cyttsp4core driver within the Linux kernel. This issue arises in the device cleanup routine, due to a possible rearming of the watchdogtimer from the workqueue. This could allow a local user to crash the system, resulting in a denial of service...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021616)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021616 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021563)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021563 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

CVE-2026-8745

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogstimeradd in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available an...

CVE-2026-8745

Technical details are not publicly available in the provided documents; no information on affected versions, root cause, or remediation beyond the description. Monitor for updates.

CVE-2026-8745 Open5GS AUSF nausf-handler.c ogs_timer_add denial of service

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogstimeradd in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available an...

CVE-2026-8745 Open5GS AUSF nausf-handler.c ogs_timer_add denial of service

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogstimeradd in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available an...

PT-2026-41537

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs timer add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available...