9198 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disabling trampoline for kernel module function tracing The current implementation of BPF trampoline in LoongArch is incompatible with tracing functions in kernel modules. This causes several serious and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fixed the NULL crash caused by the shrinker function when cgroup_disable=memory is set. Christian reported a NULL dereference in zswap; he was able to trace the issue back to the zswap shrinker function. This issue also...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: - spi: rockchip: Fixed improper handling of runtime PM/system PM operations. The commit e882575efc77 “spi: rockchip: Suspend and resume the bus during NOIRQ_SYSTEM_SLEEP_PM ops” no longer respects the runtime PM status and simply...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Thermal: Intel: HFI – Added syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during boot and remain...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the f2fs_bug_on when uninstalling the filesystem, specifically the call to f2fs_evict_inode. Creating large files during the checkpoint disabling period results in insufficient free segments. When writing back the root...
Astra Linux – Vulnerability in rabbitMQ-server
RabbitMQ is a multi-protocol messaging broker. In rabbitMQ-server prior to version 3.8.17, adding a new user through the management UI could result in the user’s banner being displayed in a confirmation message without proper tag sanitization, potentially allowing for JavaScript code execution...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: Fixed the issue where quota root leaks after quota disabling fails. If, during quota disabling, we fail to clean the quota tree or delete the root node from the root tree, we jump to the ‘out’ label without ever...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: s390: Disabling ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP According to Luiz Capitulino, enabling HVO on s390 leads to reproducible crashes. The issue arises because the kernel’s page tables are modified without flushing the corresponding TL...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: media: mediatek: vcodec: fix decoder disable PM crash It is not possible to call pm_runtime_disable when the architecture supports a sub-device, because “dev->pm.dev” is NULL, or it may cause a crash log. 10.771551 pc :...
CVE-2025-53114
CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8, bad clients that always send a fixed batch value when the server is using the acknowledgement extension may cause the unacknowledged...
CVE-2025-53114 CometD has acknowledgement extension out of memory
CometD is a scalable comet implementation for web messaging. In versions 5.0.0 through 5.0.22, 6.0.0 through 6.0.18, 7.0.0 through 7.0.18, and 8.0.0 through 8.0.8, bad clients that always send a fixed batch value when the server is using the acknowledgement extension may cause the unacknowledged...
CVE-2025-53114
Affected software: CometD server implementations. A vulnerability arises when clients consistently set ext.ack to 1 during /meta/connect while the acknowledgement extension is enabled, causing the unacknowledged message queue to grow without bound and potentially trigger OutOfMemoryError. Affecte...
CVE-2026-34355
A vulnerability has been identified in the Apache HTTP Server. If the server is configured to connect to a malicious or compromised backend server, an attacker could exploit this flaw to bypass security controls or run unauthorized code on the system. Mitigation: Disable the mod_proxy_html module if...
CVE-2026-50141
Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agent_id value into outgoing gRPC metadata. The server correctl...
EUVD-2026-37897
Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agent_id value into outgoing gRPC metadata. The server correctl...
EUVD-2026-37554
In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
DEBIAN-CVE-2026-6733
Impact: Undici's HTTP/1.1 client is vulnerable to response queue poisoning on reused keep-alive sockets. An attacker-controlled upstream server can inject an unsolicited HTTP/1.1 response onto an idle socket after a request completes. When the client dispatches the next request on that socket, it...
CVE-2026-0019
In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE-SU-2026:22145-1 Security update for openvswitch
This update for openvswitch fixes the following issues: - CVE-2026-5265: heap over-read in ICMP error response generation (bsc#1262498). - CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing (bsc#1262499). - CVE-2026-34956: Invalid memory access in conntrack FTP alg (bsc#1261273). Changes for...