Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: vhostvdpa: The irqbypassunregisterProducer token must be assigned correctly. Previously, we called irqbypassunregisterProducer within vhostvdpasetupvqirq. This was problematic because we had no way of knowing whether the token...

CVE-2025-66223 OpenObserve's Invite Token Lifecycle Misconfiguration

OpenObserve is a cloud-native observability platform. Prior to version 0.16.0, organization invitation tokens do not expire once issued, remain valid even after the invited user is removed from the organization, and allow multiple invitations to the same email with different roles where all issue...

YoSmart YoLink Application 安全漏洞

YoSmart YoLink Application is a smart home management application from YoSmart USA. A security vulnerability exists in YoSmart YoLink Application version 2025-10-02 and earlier, which stems from a session token lifecycle that is too long...

Enterprise Security Incident Analysis and Countermeasures Based on the T-Mobile Data Breach

This paper presents a comprehensive analysis of T-Mobile's critical data breaches in 2021 and 2023, alongside a full-spectrum security audit targeting its systems, infrastructure, and publicly exposed endpoints. By combining case-based vulnerability assessments with active ethical hacking...

AZL-50821 CVE-2024-47748 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: vhostvdpa: assign irq bypass producer token correctly We used to call irqbypassunregisterproducer in vhostvdpasetupvqirq which is problematic as we don't know if the token pointer is still valid or not. Actually, we use the...

AZL-50892 CVE-2024-47748 affecting package kernel for versions less than 6.6.56.1-5

In the Linux kernel, the following vulnerability has been resolved: vhostvdpa: assign irq bypass producer token correctly We used to call irqbypassunregisterproducer in vhostvdpasetupvqirq which is problematic as we don't know if the token pointer is still valid or not. Actually, we use the...

UBUNTU-CVE-2024-47748

In the Linux kernel, the following vulnerability has been resolved: vhostvdpa: assign irq bypass producer token correctly We used to call irqbypassunregisterproducer in vhostvdpasetupvqirq which is problematic as we don't know if the token pointer is still valid or not. Actually, we use the...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the vhostvdpa module not properly handling the token's lifecycle when setting up an irq bypass producer toke...