743 matches found
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF...
Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware
Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware...
Unbreakable Enterprise kernel security update
6.12.0-203.76.7.3 - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017589 CVE-2025-10263 - arm64: tlb: Add ARM64WORKAROUNDREPEATTLBISYNC Mark Rutland Orabug: 39017589 - arm64: tlb: allow XZR argument to TLBI ops Mark Rutland Orabug: 39017589 - arm64: cputype: Add...
CVE-2026-29051
melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, melange lint --persist-lint-results opt-in flag, also usable via melange build --persist-lint-results constructs output file paths by joining --out-dir with the arch and...
CVE-2026-45876 arm64/gcs: Fix error handling in arch_set_shadow_stack_status()
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in arch_set_shadow_stack_status() alloc_gcs() returns an error-encoded pointer on failure, which comes from do_mmap(), not NULL. The current NULL check fails to detect errors, which could lead to using an invali...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fixed memory leak in the fdt buffer This issue was reported by the kmemleak detector: Unreferenced object: 0xff60000082864000 size 9588 Command: “kexec”, PID: 146, Jiffies: 4294900634 age: 64.788 seconds Hex dump...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: s390: Fixed a double-free of GS and RI CBs upon a fork failure. The pointers for guarded storage and runtime instrumentation control blocks are stored in the thread_struct of the associated task. These pointers are initially...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: io_uring/zcrx: fixed the sgtable leak that occurs during mapping failures. In a rare case where io_populate_area_dma() fails, which can only occur on a PAGE_POOL_32BIT_ARCH_WITH_64BIT_DMA machine, io_zcrx_map_area() will have an initialized but...
Security update for haveged
This update for haveged fixes the following issue: CVE-2026-41054: missing exit out of permission check could lead to root exploit (bsc#1264086). Changes for haveged: Improvements on the linux kernel random subsystem have made move forward to socket communication within private network Fix "stop" of...
SUSE CVE-2026-43224
In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix sgtable leak on mapping failures In an unlikely case when io_populate_area_dma() fails, which could only happen on a PAGE_POOL_32BIT_ARCH_WITH_64BIT_DMA machine, io_zcrx_map_area() will have an initialised and not freed table. ...
CVE-2026-43224 io_uring/zcrx: fix sgtable leak on mapping failures
In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix sgtable leak on mapping failures In an unlikely case when io_populate_area_dma() fails, which could only happen on a PAGE_POOL_32BIT_ARCH_WITH_64BIT_DMA machine, io_zcrx_map_area() will have an initialised and not freed table. ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: RISC-V: kprobe: Fixed kernel panic when probing an illegal position The kernel would panic when trying to probe an illegal position. For example: CONFIG_RISCV_ISA_C=n Example code: echo 'p:hello kernel_clone+0x16 a0=%a0'...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: s390/idle: mark arch_cpu_idle() noinstr The linux-next commit “cpuidle: tracing: Warn about !rcu_is_watching()” adds a new warning that affects the arch_cpu_idle() function on the s390 architecture. WARNING: “CPU: 2 PID: 0 at...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: kprobes/x86: Use copy_from_kernel_nofault() to read from an unsafe address. Reading from an unsafe address using copy_from_kernel_nofault() in arch_adjust_kprobe_addr() is allowed because this function is called before checking whether the...
Astra Linux - vulnerability in linux-5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() I found a null pointer reference in arch_prepare_kprobe(): echo 'p cmdline_proc_show' > kprobe_events echo 'p cmdline_proc_show+16' >> kprobe_events Kernel attempted to read user...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: riscv: The issue with the handling of SR_SPIE set/clear operations during uprobe has been fixed. In riscv, the process of uprobe involves clearing the SPIE before executing the original instruction, and setting the SPIE after...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as an array index when the EIOINTC_ENABLE register is modified. This can lead to an array index overflow issue...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: Set __nocfi on swsusp_arch_resume() A DABT was reported [1] on an Android-based system when resuming from hibernation. This occurs because swsusp_arch_suspend_exit() is marked with SYM_CODE_*(), and it does not have a CFI hash. However,...
Lyussfyuring002
lyussfyuring002 web exploitation + OSINT toolkit for people...
SUSE CVE-2026-31568
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Add missing secure storage access fixups for donated memory There are special cases where secure storage access exceptions happen in a kernel context for pages that don't have the PG_arch_1 bit set. That bit is set for...