Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: The call to CPRESETCONTEXTSTATE This call is necessary when switching contexts, as there are various states used by the user space to synchronize between BR and BV. These states are persistent across submissions, an...

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

Mezo: ERC-20 bridgeOut burn can be erased by a stale StateDB overwrite leading to full L1 bridge drain

Note: the fixed version of the validator client has been deployed for some time. Impact Potential full drain of L1 bridge without changing bridged balance on Mezo. Brief/Intro A malicious user can steal all ERC-20 tokens locked in the L1 bridge by repeatedly calling the bridgeOut precompile from ...

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

Improper Synchronization

Overview Affected versions of this package are vulnerable to Improper Synchronization through the bridgeOut precompile. An attacker can restore their ERC-20 token balance and allowance after a burn operation by exploiting stale state overwrites in the dual-context state management, enabling...

EUVD-2025-20068

Malicious code in bioql PyPI...

The vulnerability of the CP_RESET_CONTEXT_STATE() function in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the CPRESETCONTEXTSTATE function in Linux operating systems is related to improper release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE CVE-2025-38188

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...

DEBIAN-CVE-2025-38188

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the context state not being reset, which could lead to a denial of service...

CVE-2022-39354

SputnikVM, also called evm, is a Rust implementation of Ethereum Virtual Machine. A custom stateful precompile can use the isstatic parameter to determine if the call is executed in a static context via STATICCALL, and thus decide if stateful operations should be done. Prior to version 0.36.0, th...