EUVD-2026-38908

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with OCFS2INFOFLNONCOHERENT. BUG: KASAN: use-after-free in instrumentatomicread...

CVE-2026-9143

There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits if a size value exceeded the target type's range. This affects NI grpc-device 2.17.0 and prior versions...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ovpn: TCP – fix for extracting packets from the stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv, which may contain multiple coalesced packets. The current implementation has two...

Astra Linux – Vulnerability in Firefox

When parsing internationalized domain names, the high bits of the characters in the URLs were sometimes removed, resulting in inconsistencies that could cause confusion for users or lead to attacks like phishing. This vulnerability affects Firefox versions earlier than 94...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fs/9p: Only the RWX permissions are translated for the plain 9P2000. Garbage data is allowed to pass through the perm bits of the plain 9P2000, allowing it to set, among other things, the suid bit. This probably wasn’t the intend...

Astra Linux – Vulnerability in p7zip

7-Zip 22.01 does not report an error for certain invalid xz files that involve stream flags and reserved bits. Some later versions are unaffected...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Properly hiding the first-in-list PCIe extended capabilities There are cases where a PCIe extended capability should be hidden from the user. For example, an unknown capability i.e., a capability with an ID greater than...

CVE-2026-8199

An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 versions prior to...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-39829)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-39829 advisory. - The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted...

CVE-2026-9605

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...

UBUNTU-CVE-2026-46193

In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...

EUVD-2026-32820

In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...

CVE-2026-46193

In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...

CVE-2026-46193

CVE-2026-46193 concerns a Linux kernel xfrm AH (AH) implementation issue where ESN high bits are not accounted for in async callback paths, causing miscalculation of ICV/auth offsets on IPv4/IPv6 when ESN is enabled and async hmac is used. The vulnerability arises from reconstructing the temporar...

cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves

A validation flaw has been discovered in the python cryptography package. This missing validation allows an attacker to provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification ECDSA and...

SUSE CVE-2026-39829

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

EUVD-2026-31396

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

Astra Linux – Vulnerability in ffmpeg

In FFmpeg 4.4, the adtsdecodeextradata function in libavformat/adtsenc.c does not check the return value of initgetbits. This is a necessary step, as the second argument of initgetbits can be manipulated...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: PTEs are reset when using close, especially for entries protected by wr. The userfaultfd unregistration process includes a step to remove the wr-protect bits from all relevant pgtable entries. However, this only...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: The bitsetsize is rounded up to BITSPERLONG. The code in dm-log rounds up bitsetsize to 32 bits. Then, it uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...