Astra Linux - уязвимость в samba

A flaw was discovered in Samba’s DNS server. A authenticated user could exploit this flaw to cause damage to the RPC server. This RPC server, which also supports protocols other than dnsserver, will be restarted after a short delay. However, it is easy for an authenticated, non-administrative...

Astra Linux - уязвимость в samba

A flaw was discovered in the way Samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request and chose to fragment it, an attacker could replace the later fragments with their own data, thereby bypassing the signature requirements...

Astra Linux - уязвимость в linux-5.10

A out-of-bounds memory read flaw was discovered in the Linux kernel’s BPF subsystem, related to how a user calls the bpftailcall function with a key that is larger than the maxentries of the map. This flaw allows a local user to gain unauthorized access to data...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fixed the leak from the dev tracker. At the stage of direction checks, the netdev reference tracker is already initialized, but it is released with the wrong put call...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed a key reference count leak from call-key. When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This reference is never cleaned up, and it becomes a leak when the call is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sched/ext: Prevent calls to updatelockedrq with a NULL rq. Avoid invoking updatelockedrq when the runqueue pointer is NULL in the SCXCALLOP and SCXCALLOPRET macros. Previously, calling updatelockedrqNULL with preemption enabled...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Added a missing deinit call. A warning is triggered when repeatedly connecting and disconnecting the rnbd interface: The listadd structure is corrupted. prev-next should be set to next ffff88800b13e480, but it was set ...

Astra Linux - уязвимость в u-boot

A issue was discovered in Das U-Boot during the period from 2019.07. There is a stack-based buffer overflow in the nfshandler reply helper function: rpclookupreply...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i3c: Use i3cdev-desc-info instead of calling i3cdevicegetinfo to avoid deadlock. A deadlock may occur because i3cmasterregister acquires &i3cbus-lock twice. See the log below. Use i3cdev-desc-info instead of calling...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: exec: Force a single empty string when argv is empty Quoting 1 Ariadne Conill: “In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program. This prevents scenarios...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed a slow server-side memory leak caused by RPC-over-TCP. Jan Schunk reported that his small NFS servers experience memory exhaustion after just a few days. A bisect analysis revealed that commit e18e157bb5c8 “SUNRPC:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sched/scs: Resetting the task stack state in bringupcpu When a CPU is hot-plugged, the idle task on that CPU calls several layers of C code before finally leaving the kernel. When KASAN is in use, a “poisoned” shadow is left behi...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/sched: actmirred: Do not override retval if we have already lost the skb. If we are redirecting the skb, and have not yet called tcfmirredforward, we need to inform the kernel to discard the skb by setting the retcode to SHOT...

Astra Linux - уязвимость в linux-5.10, linux

In the drivers/video/fbdev/smscufx.c file within the Linux kernel, up to version 5.19.12, there is a race condition that can lead to a use-after-free if a physically nearby attacker removes a USB device while the open function is called. This issue is essentially a race condition between ufxopsop...

MAL-2026-4649 Malicious code in promptbook-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1223e123a8bd5b550647d800b438b2c5a78f3e10c9d1ab7a6a7cdbd8be465b90 dist/api.js contains a hardcoded URL https://promts.newtechcompany.ru referenced alongside process.env reads and a fetch call at line 44. The package...

CVE-2026-24163

NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure...

EUVD-2026-31057

NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure...

FreeBSD Security Advisory - FreeBSD-SA-26:22.libcasper

FreeBSD Security Advisory - libcasper3 communicates with helper processes via UNIX domain sockets, and uses the select2 system call to wait for data to become available. However, it does not verify that its socket descriptor fits within select2's descriptor set size limit of FDSETSIZE 1024...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021545)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021545 advisory. In the Linux kernel, the following vulnerability has been resolved: platform/x86: mxm-wmi: fix memleak in mxmwmicallmxds|mx The ACPI buffer memory out.pointer return...

FreeBSD -- Stack buffer overflow via setcred(2)

Problem Description: The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied li...