Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions during the exit of the damoncall function and the kdamondfn function. This could...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock The smpcallfunction always runs its callback in a hard IRQ context, even when PREEMPTRT is enabled, where spinlocks may be in a sleeping state. Therefore, we need to use a raw spinloc...

CVE-2026-31457 mm/damon/sysfs: check contexts->nr in repeat_call_fn

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts-nr in repeatcallfn damonsysfsrepeatcallfn calls damonsysfsupdtunedintervals, damonsysfsupdschemesstats, and damonsysfsupdschemeseffectivequotas without checking contexts-nr. If nrcontexts is set to ...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006891)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006891 advisory. In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock smpcallfunction always runs its callback in hard IR...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006779)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006779 advisory. In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock smpcallfunction always runs its callback in hard IR...

CVE-2026-29091

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution RCE flaw was discovered in the locutus project, specifically within the calluserfuncarray function implementation. The vulnerability allows an attacker to...

EUVD-1999-1036

Malware in sbrugna...

EUVD-2022-33216

Malicious code in bioql PyPI...

CVE-2024-35422

vmir e8117 was discovered to contain a heap buffer overflow via the wasmcall function at /src/vmirwasmparser.c...

PT-2024-26491 · Vmir · Vmir

Name of the Vulnerable Software and Affected Versions: vmir version e8117 Description: A heap buffer overflow issue was discovered in vmir via the wasm call function at /src/vmir wasm parser.c. This issue occurs due to a problem in the wasm call function, which can lead to a heap buffer overflow...

PT-2024-26486 · Wac · Wac

Name of the Vulnerable Software and Affected Versions: wac version 385e1 Description: A heap overflow issue was discovered in the setup call function at /wac-asan/wa.c, allowing attackers to cause a Denial of Service DoS via a crafted wasm file. The issue is related to the setup call function...

CVE-2023-52839 drivers: perf: Do not broadcast to other cpus when starting a counter

In the Linux kernel, the following vulnerability has been resolved: drivers: perf: Do not broadcast to other cpus when starting a counter This command: $ perf record -e cycles:k -e instructions:k -c 10000 -m 64M dd if=/dev/zero of=/dev/null count=1000 gives rise to this kernel warning: 444.364395...

SUSE CVE-2024-35819

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock smpcallfunction always runs its callback in hard IRQ context, even on PREEMPTRT, where spinlocks can sleep. So we need to use a raw spinlock for cgrlock to ensure we aren't waiting on...

CVE-2024-35819 soc: fsl: qbman: Use raw spinlock for cgr_lock

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: Use raw spinlock for cgrlock smpcallfunction always runs its callback in hard IRQ context, even on PREEMPTRT, where spinlocks can sleep. So we need to use a raw spinlock for cgrlock to ensure we aren't waiting on...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that smpcallfunction always runs its callbacks in a hard IRQ context...

CVE-2023-48806

In TOTOLINK X6000R V9.4.0cu.852B20230719, the shttpd file, sub4119A0 function obtains fields from the front-end through Uci Set The Str function when passed to the CsteSystem function creates a command execution vulnerability...

LiquidityMining.sol cannot be funded for rewards distribution.

Lines of code Vulnerability details During a rewards claim LiquidityMining.sol uses a low-level call with the msg.value as the rewardsToSend to the liquidity providers, but the contract lacks a receive or fallback function for funds be deposited in it, leaving the contract empty and unable to sen...

Reentrancy is possible in claim functions, which call out via .call().

Lines of code Vulnerability details Impact Reentrancy is possible in claim functions, which call out via .call. Proof of Concept The claimConcentratedRewards Function & claimAmbientRewards Function The claim functions that are vulnerable to reentrancy are: For...

Unchecked msg.value will lead to losing funs inside the contract

Lines of code Vulnerability details Impact While paying for the transaction, function payForTransaction bytes32, // txHash bytes32, // suggestedSignedHash Transaction calldata transaction external payable ignoreNonBootloader ignoreInDelegateCall //@audit-issue no checks that actulayy there is...

M-01 Usage of deprecated sendValue to send eth

Lines of code Vulnerability details Impact The recommended way to send ether is with call function. Using transfer or sendValue could lead to running out of gas, due to the fact that it is predefined and the transfer will fail, in such scenario there won't be way to withraw the amount from the...