Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: rustbinder: fixed oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. As a result, the new request wasn’t taken into account in the spam calculation...

SUSE CVE-2026-43435

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

Linux Distros Unpatched Vulnerability : CVE-2026-43435

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed...

CVE-2026-43435

A flaw was found in the Linux kernel's rustbinder component. The oneway spam detection logic in both TreeRange and ArrayRange was incorrectly implemented or missing, allowing large spamming transactions to go undetected. A local attacker could exploit this vulnerability to cause a Denial of Servi...

EUVD-2026-28741

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

CVE-2026-43435

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

UBUNTU-CVE-2026-43435

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

CVE-2026-43435

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...

CVE-2026-43435

CVE-2026-43435 relates to the Linux kernel rust_binder component where the oneway spam-detection logic in TreeRange (and missing logic in ArrayRange) could allow large spamming transactions to go undetected. The fix moves the spam-check after the new range is inserted and adds an equivalent low_o...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an error in the execution order of the one-way garbage detection logic in rustbinder, as well as the...

PT-2026-39096

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rust binder component where oneway spam detection was flawed. In TreeRange, the spam detection logic executed before the current request was inserted into the tree...

kernel: bpf: Don't use tnum_range on array range checking for poke descriptors

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

kernel: bpf: Don't use tnum_range on array range checking for poke descriptors

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992712 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN...

kernel: bpf: Don't use tnum_range on array range checking for poke descriptors

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

RockyLinux 8 : kernel (RLSA-2025:15471)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:15471 advisory. kernel: bpf: Don't use tnumrange on array range checking for poke descriptors CVE-2022-49985 kernel: posix-cpu-timers: fix race between...

EUVD-2022-55264

Malicious code in bioql PyPI...

kernel: bpf: Don't use tnum_range on array range checking for poke descriptors

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnumrange on array range checking for poke descriptors Hsin-Wei reported a KASAN splat triggered by their BPF runtime fuzzer which is based on a customized syzkaller: BUG: KASAN: slab-out-of-bounds in...

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: bpf: Don't use tnumrange on array range checking for poke descriptors CVE-2022-49985 kernel: posix-cpu-timers: fix race between...

CVE-2022-49985

The CVE-2022-49985 entry concerns the Linux kernel, where the BPF component allowed a range check descriptor to misrepresent a tight range because tnum_range(0, map->max_entries-1) may yield a superset of the intended values. The root cause is that the tnum-based range representation can erron...