17 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: Fixed an out-of-bounds access issue in mchpipcgetclusteraggrirq. The clustercfg array is dynamically allocated to hold per-CPU configuration structures. Its size is determined by the number of online CPUs...
CVE-2026-43274
Summary (validated by connected docs): In the Linux kernel, the mailbox subsystem (mchp-ipc-sbi) had an out-of-bounds access in mchp_ipc_get_cluster_aggr_irq() caused by indexing the dynamically allocated cluster_cfg array with hartid (potentially non-contiguous/ out of range). The fix switches t...
Linux Distros Unpatched Vulnerability : CVE-2026-43274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration...
EUVD-2024-36370
Malicious code in bioql PyPI...
CVE-2024-36982 Denial of Service through null pointer reference in “cluster/config” REST endpoint
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.207, an attacker could trigger a null pointer reference on the cluster/config REST endpoint, which could result in a crash of the Splunk daemon...
CVE-2024-36982
Summary (CVE-2024-36982) : Splunk Enterprise (versions < 9.2.2, < 9.1.5, < 9.0.10) and Splunk Cloud Platform (versions < 9.1.2312.109,
PT-2024-27231 · Splunk · Splunk Cloud Platform +1
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Splunk Cloud Platform versions prior to 9.1.2312.109 Splunk Cloud Platform versions prior to 9.1.2308.207...
[SECURITY] Fedora 36 Update: pcs-0.11.3-4.fc36
pcs is a corosync and pacemaker configuration tool. It permits users to easily view, modify and create pacemaker based clusters...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...