Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: aio: Fixed a use-after-free due to missing POLFREE handling. signalfdpoll and binderpoll are special because they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - aio: Fixed the dereferencing of a null pointer in aiocomplete’s wakeup routine. - listdelinitcareful must be the last access to the wait queue entry; this effectively unlocks access to the queue. Previously, finishwait would...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: ffs: Fixed race between aiocancel and AIO Request Complete FFS-based applications can utilize the aiocancel callback to dequeue pending USB requests submitted to the UDC. There is a scenario where the FFS application...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile does not initialize the aiocmd-iocb for the kiwritestream. When the writecommand fdexecuterwaio is executed, we may receive an invalid value for kiwritestream,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the conversion of struct aiokiocb. The first argument of kiocbset Cancelfn may point to a struct kiocb that is not embedded within struct aiokiocb. With the current code, depending on the compiler,...

SUSE CVE-2026-43055

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile doesn't initialize the aiocmd-iocb for the kiwritestream. When a write command fdexecuterwaio is executed, we may get a bogus kiwritestream value, causing unintend...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: aio: fix mremap after fork null-deref Commit e4a0d3e720e7 "aio: Make it possible to remap aio ring" introduced a null-deref if mremap is called on an old aio mapping after fork as mm-ioctxtable will be set to NULL...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: fuse: Fixed a livelock issue in synchronous file put operations performed by fuseblk workers. I observed a hang when running the generic/323 test against a fuseblk server. This test creates a file, initiates multiple AIO writes t...

CVE-2026-43055

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile doesn't initialize the aiocmd-iocb for the kiwritestream. When a write command fdexecuterwaio is executed, we may get a bogus kiwritestream value, causing unintend...

CVE-2026-43055

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile doesn't initialize the aiocmd-iocb for the kiwritestream. When a write command fdexecuterwaio is executed, we may get a bogus kiwritestream value, causing unintend...

EUVD-2026-26654

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile doesn't initialize the aiocmd-iocb for the kiwritestream. When a write command fdexecuterwaio is executed, we may get a bogus kiwritestream value, causing unintend...

PT-2026-36472

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the target core file component, the aio cmd structure does not properly initialize the iocb for the ki write stream. During the execution of a write command via the fd execute rw aio...

did-sdk-python (>=1.0.0 <=1.1.3), django-ninja-aio-crud (>=1.0.5 <=2.30.4) +7 more potentially affected by CVE-2026-27932 via joserfc (>=1.0.0 <=1.6.1)

joserfc PYPI version =1.0.0, =1.0.0, =1.0.5, =2.1.1, =3.0.2, =0.21.2, =0.6.0, =0.9.0, =0.1.0, =0.5.0rc2 Source cves: CVE-2026-27932 Source advisory: SNYK:PYTHON-JOSERFC-15369129...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005440)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005440 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument...

CVE-2025-53217

Missing Authorization vulnerability in staviravn AIO WP Builder all-in-one-wp-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO WP Builder: from n/a through = 2.0.2...

WordPress plugin AIO WP Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000776)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000776 advisory. The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intende...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000936)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000936 advisory. Double free vulnerability in the ioctxalloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service system crash or...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003706)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003706 advisory. An issue was discovered in aiopoll in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aiopollwake if an expected event is triggered immediately...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002528)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002528 advisory. Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecifie...