Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fixed a double-free in arfscreategroups. When the memory allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only function calling arfscreategroups, will hold...

giflib security update

5.1.4-4 - fix CVE-2026-23868: double free in GifMakeSavedImage RHEL-154853...

CVE-2026-33995

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c can cause a crash in any FreeRDP clients on systems where...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2026-23868)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-23868 advisory. - Giflib contains a double-free vulnerability that is the result of a shallow copy in...

EUVD-2017-16418

Malware in sbrugna...

EUVD-2024-32502

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: algifhash - fix double free in hashaccept If accept2 is called on socket type algifhash with MSGMORE flag set and cryptoahashimport fails, sk2 is freed...

Debian dla-4267 : gnutls-bin - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4267 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4267-1 [email protected]...

RockyLinux 8 : kernel-rt (RLSA-2025:11299)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11299 advisory. kernel: cifs: potential buffer overflow in handling symlinks CVE-2022-49058 kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel:...

RLSA-2025:8292 Important: mingw-freetype and spice-client-win security update

MinGW Windows Freetype library. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files CVE-2025-27363 libsoup: Integer overflow in appendparamquoted CVE-2025-32050 libsoup: Heap buffer overflow in sniffunknown...

CVE-2025-38490

In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate pagepoolputfullpage pagepoolputfullpage should only be invoked when freeing Rx buffers or building a skb if the size is too short. At other times, the pages need to be reused. So remove the redundant...

CVE-2025-38423

CVE-2025-38423 — Linux kernel, ASoC: codecs: wcd9375. The issue occurs in the probe path where regulator supplies are obtained with devm_regulator_bulk_get() and could be freed twice if regulator_bulk_free() is called in error paths, leading to a potential double-free situation. The published fix...

ALSA-2025:11298 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cifs: potential buffer overflow in handling symlinks CVE-2022-49058 kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel: media: uvcvideo: Fix double free in error path...

PT-2025-29063 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's fbnic module related to DMA mapping of firmware messages. The issue involves a potential double free when failing to DMA-map firmware messages, wher...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup2 (SUSE-SU-2025:01802-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01802-1 advisory. - CVE-2025-4948: Fixed integer underflow in soupmultipartnewfrommessage leading to denial of...

CVE-2025-4574 Crossbeam-channel: crossbeam-channel vulnerable to double free on drop

In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption...

Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2025-962)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-962 advisory. A flaw was found in libsoup, where the soupheadersparserequest function may be vulnerable to an out- of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to...

FreeBSD : mozilla -- double free error (b65b1217-1887-11f0-a8ce-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b65b1217-1887-11f0-a8ce-b42e991fc52e advisory. [email protected] reports: A double-free issue could have occurred in secpkcs7decoderstartdecrypt wh...

Linux Distros Unpatched Vulnerability : CVE-2024-41087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ataportalloc call in atahostalloc...

Linux Distros Unpatched Vulnerability : CVE-2024-42069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix possible double free in error handling path When auxiliarydeviceadd returns...