927 matches found
ZKTeco BioTime <= 9.0.1 - Privilege Escalation
BioTime default employee credentials password 123456 allow login. Sessions are not role-validated, enabling privilege escalation to perform admin actions and enumerate backup files. id: CVE-2023-38952 info: name: ZKTeco BioTime = 9.0.1 - Privilege Escalation author: riteshs4hu severity: high...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mounts, IO requests are handled by vfsiocbiterread. However, this process can be interrupted by a SIGKILL signal, resulting in the number of bytes actually copied...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the memory leak related to ‘conf-biosplit’. In the error path of raid10run, ‘conf’ needs to be freed. However, ‘conf-biosplit’ is not freed, resulting in a memory leak. Since there are three places where ‘conf’...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where the extent map was used after free, when adding pages to compressed Bio data structures. In the function addrabiopages, we access the extent map to calculate ‘addsize’. After dropping the reference to...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: Kyber: An out-of-bounds access occurred when the thread was preempted. The function blkmqschedbiomerge retrieves the ctx and hctx for the current CPU and passes the hctx to -biomerge. The function kyberbiomerge then retrieves the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the blkzonewplugbiowork function, do not use submitbionoacctnocheck. Queues of zone write operations have already gone through all preparations in the submitbio path, including freeze protection. Submitting these operations...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the “block” layer, do not call “rqqosops-donebio” if the bio data structure is not being tracked. The “rqqos” framework is only applied on request-based drivers. Therefore: 1 The “rqqosdonebio” function is not necessary for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dm: Always split write BIOs to zoned device limits Any zoned DM target that requires zone append emulation will use the block layer zone write plugging mechanism. In such cases, DM target drivers must not split BIOs using...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio When the process is migrated to a different cgroup or, in the case of writeback, it simply starts submitting bios associated with a different cgroup, bfqmergebio may operate with...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: dm-crypt: Do not modify the data when using authenticated encryption. It was stated that authenticated encryption could produce invalid tags when the data being encrypted was modified 1. Therefore, this issue can be addressed by...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: block: Fixed the issue of iterating over an empty bio with bioforeachfolioall. If the bio contains no data, biofirstfolio calls pagefolio using a NULL pointer, resulting in a buffer overflow error. We’ve moved the test that check...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Block: Initialize the integrity buffer to zero before writing it to the media. The metadata added by biointegrityprep uses the plain kmalloc function, which results in random kernel memory being written to the media. For PI...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: md/raid5: Unnecessary bioput calls in raid5readonechunk have been removed. When performing chunk-sized reads on disks with badblocks, it was observed that calls to biofree and bioput were duplicated...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In md/raid10, the wait barrier is required before returning a discard request with the REQNOWAIT flag. The raid10handlediscard function should also wait for the barrier before returning a discard bio that has the REQNOWAIT flag...
EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2026-2058)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...
CVE-2026-9509
CVE-2026-9509 affects Suprema BioStar 2 Server (versions 2.9.8, 2.9.10, 2.9.11). An unhandled exception triggered by unauthenticated HTTP POST requests to the /api/migration endpoint can cause a denial of service, halting critical processes and leaving the system offline until services or the ser...
Suprema BioStar 安全漏洞
Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, visitor management, and video log maintenance. Versions 2.9.8, 2.9.10, and 2.9.11 of Suprema BioStar contain...
EUVD-2026-32874
In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovecphysmergeable biovecphysmergeable is used by the request merge, DMA mapping, and integrity merge paths to decide if two physically contiguous bvec segments can be coalesced into one. It currently h...
EUVD-2026-32432
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix deadlock with check operation and nowait requests When an array check is running it will raise the barrier at which point normal requests will become blocked and increment the nrpending value to signal there is wor...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the zram module does not call bioendio when processing certain discard requests. Th...