8 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: nsfs: Permission checks for ns iteration ioctls have been tightened. Even privileged services should not necessarily be able to access the namespaces of other privileged services, so that they cannot leak information to each othe...
CVE-2026-23414
CVE-2026-23414 is addressed in the Linux kernel TLS code. The vulnerability involved the async_hold queue that pins encrypted input skbs while AEAD operations reference scatterlist data. The fix centralizes purge of async_hold in tls_decrypt_async_wait(), ensuring all callers (recvmsg drain path,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987639)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987639 advisory. In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tlserrabort calls sk-skerr appears to expect a positive value, a...
kernel: mm: resolve faulty mmap_region() error path behaviour
In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmapregion error path behaviour The mmapregion function is somewhat terrifying, with spaghetti-like control flow and numerous means by which issues can arise and incomplete state, memory leaks and other...
CVE-2021-47496 net/tls: Fix flipped sign in tls_err_abort() calls
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tlserrabort calls sk-skerr appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, kworker tlsencryptdone...,...
CVE-2023-28649
The Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected to it. A vulnerability exists in which an attacker could impersonate a hub and send device requests to claim already claimed devices. The OvrC cloud platform receives the requests but do...
Linux-Evil-Toolkit - A Framework That Aims To Centralize, Standardize And Simplify The Use Of Various Security Tools For Pentest Professionals
Linux evil toolkit is a framework that aims to centralize, standardize and simplify the use of various security tools for pentest professionals. LETK Linux evil toolkit has few simple commands, one of which is the INIT that allows you to define a target, and thus use all the tools without typing...
[SECURITY] Fedora 17 Update: totpcgi-0.5.4-1.fc17
A CGI/FCGI application to centralize google-authenticator deployments...