CVE-2026-9084

MISP’s OIDC authentication plugin allowed automatic linking of an OIDC identity to an existing local user account based on the email claim when the local account had no stored sub value. Under insecure or untrusted IdP configurations where email ownership is not enforced, an attacker with a valid...

keycloak: Keycloak: Information disclosure via OIDC token introspection endpoint audience bypass

A flaw was found in Keycloak. This access control vulnerability in Keycloak's OpenID Connect OIDC token introspection endpoint allows a confidential client to bypass audience restrictions. An attacker-controlled client with valid credentials can retrieve sensitive token claims intended for other...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: HID: logitech-hidpp: Fixed a kernel crash when the USB connection is disconnected. The function hidppconnectevent experiences four times-of-check versus-time-of-use TOCTOU races. This race occurs when hidppconnectevent is...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vsock: Remove the socket from the connected list when the connect operation is interrupted by a signal. The vsockconnect function expects that the socket might already be in the TCPESTABLISHED state when the connect operation is...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: Gadget: Core: Prevent panic during UVC unconfiguration Avichal Rakesh reported a kernel panic that occurred when the UVC gadget driver was removed from a gadget’s configuration. The panic involves a somewhat complex...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. mptcpactiveenable is called from subflowfinishconnect, which is icsk-icskafops-skrxdstset. This call isn’t always under a RCU context. Using skdstgetsk-dev could lead to a U...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Discard packets if the transport changes. If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause issues when accessing...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed a double-free operation in userclusterconnect. userclusterdisconnect frees "conn-ccprivate", which is actually "lc". However, the error handling frees "lc" again. Setting "lc" to NULL in this case can prevent a...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: vsock: Ignore signals/timesouts on connect if the socket is already established. During connect, acting on a signal/timesout by disconnecting an already established socket leads to several issues: 1. connect invokes...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a use-after-free in ksmbdtreeconnectput under concurrency conditions. Under high concurrency, a tree-connection object tcon is freed during a disconnection path, while another path still holds a reference to it...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Fixed race condition in TTY wakeup A race condition occurs when gsstartio calls either gsstartrx or gsstarttx. These functions briefly release the portlock of usbepqueue. This allows gsclose and...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: TCP: Fixed handling of refcnt in inethashconnect. syzbot reported a warning in sknullsdelnodeinitrcu. The commit 66b60b0c8c4a “dccp/tcp: Unhash sk from ehash for tb2 allocation failure after checkestablished” attempted to fix ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Use memset to avoid memory leaks. Use memset to initialize structs to prevent memory leaks. In l2capecredconnect...

Astra Linux - уязвимость в jackd2

In posix/JackSocket.cpp within the libjack library in JACK2 version 1.9.1 through 1.9.12 distributed with alsa-plugins 1.1.7 and later, there is an issue where “double file descriptor closes” occur during a failed connection attempt when jackd2 is not running. Successful exploitation depends on t...

Astra Linux - уязвимость в mariadb-10.3

MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected MariaDB installations. Authentication is required to exploit this vulnerability. The specific flaw exists within the processin...

Astra Linux - уязвимость в thunderbird, firefox

A poorly handled security check during the creation of a WebSocket in a WebWorker caused the Content Security Policy’s connect-src header to be ignored. This could lead to connections being made to restricted origins from within WebWorkers. This vulnerability affects Firefox 109, Firefox ESR 102....

Astra Linux - уязвимость в firefox

An attacker was able to bypass the connect-src directive of a Content Security Policy by manipulating subdocuments. This would have also hidden the connections from the Network tab in Devtools. This vulnerability was fixed in Firefox 140 and Thunderbird 140...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fixed a NULL pointer dereference issue when using TCP-AO with TCPREPAIR. A NULL pointer dereference can occur in the tcpaofinishconnect function during a connect system call on a socket that has a TCP-AO key added and...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: wilc1000 – Fixed RCU usage in the connect path. With lockdep enabled, calls to the connect function from the cfg802.11 layer lead to the following warning: ============================= WARNING: Suspicious RCU usage...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: phy: clear phydev-devlink when the link is deleted There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phydetach calls devicelinkdel to remove the device link, b...