CVE-2026-43158

In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592 and xfs/794 both trip this assertion in the leaf block freemap adjustment code after 20 minutes of running on my test VMs: ASSERTichdr-firstused = ichdr-count...

CVE-2026-43158 xfs: fix freemap adjustments when adding xattrs to leaf blocks

In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592 and xfs/794 both trip this assertion in the leaf block freemap adjustment code after 20 minutes of running on my test VMs: ASSERTichdr-firstused = ichdr-count...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in freemap adjustment during the process of adding extended attributes to extents by the...

PT-2026-37498

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system where incorrect freemap adjustments occur when adding extended attributes xattrs to leaf blocks. Specifically, when adding multiple xattrs, the...

CLSA-2026-1777974095 nghttp2: Fix of CVE-2026-27135

CVE-2026-27135: fix missing iframe-state validations to avoid assertion failure...

Fedora 43 : glibc (2026-4b7780802c)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4b7780802c advisory. This update provides various security fixes. Buffer overflow in scanf %mc CVE-2026-5450 nssprintrrf buffer overreads CVE-2026-6238 nssprintrrf buffe...

Incorrect Type Conversion or Cast

Overview Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast in the DiscoverKeys process. An attacker can cause the application to crash by providing a non-RSA key such as an EC key from a repository JWKS endpoint, which triggers a panic due to an unchecked type...

Astra Linux - уязвимость в python-ldap

Python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars could be exploited to skip escaping special characters when a crafted list or dict was provided as the assertionvalue parameter, and...

Astra Linux - уязвимость в openldap

A flaw was discovered in OpenLDAP in versions prior to 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The greatest threat of this vulnerability is to system availability...

Astra Linux - уязвимость в openldap

An integer underflow was discovered in OpenLDAP before version 2.4.57, which led to slapd crashes during the Certificate Exact Assertion processing, resulting in a denial of service schemainit.c serialNumberAndIssuerCheck...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed the transport TOCTOU issue. The transport assignment may race with module unloading. This issue is addressed by protecting newtransport from becoming a stale pointer. This also includes fixing an insecure call in...

Astra Linux - уязвимость в unbound

Before version 1.9.5, Unbound allowed assertion failures due to a compressed name in dnamepktcopy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, an ongoing Unbound installation cannot be exploited remotely or locally...

Astra Linux - уязвимость в openldap

A flaw was discovered in OpenLDAP before version 2.4.57. This flaw led to an assertion failure in slapd during the X.509 DN parsing in the decode.c file, specifically at the bernextelement function. This caused a denial of service...

Astra Linux - уязвимость в avahi

A vulnerability was discovered in Avahi. There exists a potentially exploitable assertion within the dbussethostname function...

Astra Linux - уязвимость в ffmpeg

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from an assertion failure in src/libavutil/mathematics.c...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix lockdep warning during rmmod The commit under the Fixes tag added a netdevassertlocked in bnxtfreentpfltrs. The lock should be held during normal run-time but the assert will be triggered see below during bnxtremoveon...

Astra Linux - уязвимость в avahi

A vulnerability was discovered in Avahi, where there is an accessible assertion in avahidnspacketAppendRecord...

Astra Linux - уязвимость в linux-5.10, linux-5.15

A flaw was discovered in the networking subsystem of the Linux kernel, particularly in the handling of the RPL protocol. This issue arises due to the improper handling of user-provided data, which can lead to an assertion failure. This could allow an unauthenticated remote attacker to create a...

Fedora 44 : glibc (2026-ced72ab158)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ced72ab158 advisory. This update provides various security fixes. Buffer overflow in scanf %mc CVE-2026-5450 nssprintrrf buffer overreads CVE-2026-6238 nssprintrrf buffe...

CVE-2026-31771 Bluetooth: hci_event: move wake reason storage into validated event handlers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: move wake reason storage into validated event handlers hcistorewakereason is called from hcieventpacket immediately after stripping the HCI event header but before hcieventfunc enforces the per-event minimum...