USN-8296-1 linux-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...

USN-8296-1: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective

1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the need to evaluate the exploitability of...

Astra Linux - уязвимость в mongo-c-driver

Some MongoDB drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. These published events may contain security-sensitive data when specific authentication-related commands are executed. Without proper care, an application...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Remove the “MHI autoqueue” feature for IPCR DL channels. The MHI stack provides the “autoqueue” feature, which allows the MHI stack to automatically queue buffers for the RX path DL channels. Although this feature...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: USB: Fixed various issues related to null pointer dereferencing on 10Gbps cables. This prevented null pointer dereferences in functions fecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm by simply reusing the 5Gbps...

Astra Linux - уязвимость в linux

In the Linux kernel, from drivers/staging/rtl8188eu/osdep/ioctllinux.c, the function rtwwxsetscan allows writing beyond the end of the -ssid array. NOTE: From the perspective of kernel.org’s release processes, CVE IDs are not typically used for drivers/staging/ unfinished work. However, system...

PT-2026-42392

Name of the Vulnerable Software and Affected Versions NVIDIA RTX 50, 40, 30, and 20 series cards affected versions not specified NVIDIA GTX 16, 10, 900, and some GTX 700 cards affected versions not specified Description A use-after-free issue exists on Linux systems that could allow attackers to...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-8273-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8273-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-8274-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8274-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-8278-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8278-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Cop...

USN-8278-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8277-1 linux, linux-aws, linux-hwe-6.17, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux-realtime-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8277-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8275-1 linux-xilinx-zynqmp vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

USN-8255-3 linux-nvidia-tegra-5.15, linux-raspi vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

USN-8255-3: Linux kernel vulnerabilities

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. CVE-2023-2640 Shir Tamari and Sagi Tzadik...

USN-8254-3 linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - Netfilter; CVE-2026-23112, CVE-2026-23231, CVE-2026-23273...

USN-8254-3: Linux kernel (NVIDIA Tegra) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - Netfilter; CVE-2026-23112, CVE-2026-23231, CVE-2026-23273...

USN-8274-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - BTRFS file system; - Sun RPC protocol; - XFRM subsystem; CVE-2022-49033, CVE-2024-27388,...