23 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means the...
CVE-2026-43007
A flaw was found in the accel/qaic component of the Linux kernel. When a user process terminates before the device's deactivation transaction for a Device-Bound Context DBC is fully processed, the host system can become out of sync with available DBCs. This can lead to a denial of service, where ...
Google Chrome Update Disrupts Infostealer Cookie Theft
Google adds Device Bound Session Credentials DBSC to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows...
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Google has made Device Bound Session Credentials DBSC generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta. The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004130)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004130 advisory. A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver,...
Abacre Restaurant Point of Sale Insecure Storage
All versions of Abacre Restaurant Point of Sale POS up to 15.0.0.1656 leave device-bound license keys in process memory insecurely...
CVE-2025-60791
Easywork Enterprise 2.1.3.354 is vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory after a failed activation attempt. The keys can be obtained by attaching a debugger or analyzing the process/memory dump an...
EUVD-2025-5977
Malicious code in bioql PyPI...
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Google has announced that it's making a security feature called Device Bound Session Credentials DBSC in open beta to ensure that users are safeguarded against session cookie theft attacks. DBSC, first introduced as a prototype in April 2024, is designed to bind authentication sessions to a devic...
iommu/arm-smmu: Defer probe of clients after smmu device bound
...
SUSE CVE-2025-21808
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means the...
CVE-2025-21808
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means the...
DEBIAN-CVE-2025-21808
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means the...
UBUNTU-CVE-2025-21808
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means the...
CVE-2025-21808 net: xdp: Disallow attaching device-bound programs in generic mode
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means the...
CVE-2025-21808 net: xdp: Disallow attaching device-bound programs in generic mode
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means the...
CVE-2025-21808
CVE-2025-21808: Linux kernel vulnerability in net: xdp where device-bound programs could be attached in generic mode, causing metadata kfuncs to run in an invalid context and crash. The fix adds a guard to disallow attaching device-bound programs in generic XDP mode, preventing invalid-context ex...
CVE-2025-21808
In the Linux kernel, the following vulnerability has been resolved: net: xdp: Disallow attaching device-bound programs in generic mode Device-bound programs are used to support RX metadata kfuncs. These kfuncs are driver-specific and rely on the driver context to read the metadata. This means the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not disabling the attachment of a device-bound program in general-purpose mode, which could lead to a crash...
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware
Google has announced that it's adding a new layer of protection to its Chrome browser through what's called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems. "On Windows, Chrome uses the Data Protection API DPAPI which protects the data at rest...