Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat the remaining value being equal to 0 as an error in findandmapuserpages. Currently, if findandmapuserpages receives a DMA transfer request from the user with a length field set to 0, or in a rare case, when the...

Astra Linux – Vulnerability in ffmpeg

In FFmpeg versions prior to 5.1.2, the libavcodec/pthreadframe.c file, used in VLC and other products, leaves stale hwaccel state in worker threads. This allows attackers to trigger a use-after-free and execute arbitrary code under certain circumstances e.g., during hardware reinitialization upon...

EulerOS Virtualization 2.13.1 : openssl (EulerOS-SA-2026-2142)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2026-2058)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

CVE-2026-33662

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...

CVE-2026-42781

When embedded Packet Velocity Acceleration ePVA acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel TMM resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-40618

When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel QuickAssist Technology QAT or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to...

SUSE CVE-2025-71308

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

SUSE CVE-2026-45931

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...

Evidence at the Moment of Attack. Answers at AI Speed.

Wiz Sensor Forensics is now generally available - automatically capturing forensic artifacts at the moment of detection and using AI to accelerate investigation for SOC and IR teams...

EUVD-2026-32215

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...

CVE-2026-45931

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...

CVE-2026-46060

crypto: qat - fix IRQ cleanup on 6xxx probe failure...

USN-8278-2: Linux kernel (Azure) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

Ubuntu 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than are present in the FIFO. The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor...

OESA-2026-2329 compat-openssl11 security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes c...

EUVD-2026-30002

When embedded Packet Velocity Acceleration ePVA acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel TMM resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

EUVD-2026-29976

When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel QuickAssist Technology QAT or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to...

CVE-2026-40618

When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel QuickAssist Technology QAT or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to...