Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: added handling for RAID1C23/DUP to btrfsreduceallocprofile Callers of btrfsreduceallocprofile expect it to return exactly one allocation profile flag. If this is not done, it may ultimately result in a WARNON and remount-r...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap API: Fixed a possible memory leak for vcapduprule. A fault occurs when CONFIGVCAPKUNITTEST is selected. A memory leak occurs if kzalloc for duprule succeeds, but kmemdup fails. As a result, memory associated...

Astra Linux – Vulnerability in Linux, Linux 5.10

The file net/netfilter/nfdupnetdev.c in the Linux kernel versions 5.4 through 5.6.10 allows local users to gain privileges due to a heap-out-of-bounds write. This issue is related to the nftablesoffload mechanism...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Kernel: Be more careful regarding failures with dupmmap and the registration of uprobes. If a memory allocation fails during dupmmap, the maple tree can remain in an unsafe state for other iterators besides the exit path. All loc...

SUSE CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: s390: Fixed a double-free of GS and RI CBs upon a fork failure. The pointers for guarded storage and runtime instrumentation control blocks are stored in the threadstruct of the associated task. These pointers are initially...

MiracleLinux 8 : kernel-4.18.0-348.23.1.el8_5 (AXSA:2022-3179:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3179:07 advisory. kernel: use-after-free in RDMA listen CVE-2021-4028 kernel: heap out of bounds write in nfdupnetdev.c CVE-2022-25636 Tenable has extracted the...

CVE-2021-47818

CVE-2021-47818 affects DupTerminator 1.4.5639.37199. The issue is a denial-of-service where inputting a long string into the Excluded text box can crash the application on Windows 10; a payload of 8000 repeated characters is cited as triggering the stop. The vulnerable component is the text-input...

CVE-2021-47806

Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables...

CVE-2021-47806

Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables...

Flexense Dup Scout security vulnerabilities

Flexense Dup Scout is a file cleanup tool developed by Flexense Corporation. Version 13.5.28 of Flexense Dup Scout contains a security vulnerability. This vulnerability stems from the Windows service configuration, where service paths are defined without quotes, potentially allowing for the...

CVE-2021-47806

Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables...

CVE-2021-47806 Dup Scout 13.5.28 - 'Multiple' Unquoted Service Path

Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables...

CVE-2021-47806 Dup Scout 13.5.28 - 'Multiple' Unquoted Service Path

Dup Scout 13.5.28 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Dup Scout Server\bin\dupscts.exe' to inject malicious executables...

CVE-2021-47806

CVE-2021-47806 affects Dup Scout 13.5.28 and is caused by an unquoted Windows service path in the Dup Scout Server binary dupsc ts.exe located at C:\Program Files\Dup Scout Server\bin\dupscts.exe. This unquoted path could allow a local attacker to insert a malicious executable and gain privilege ...

PT-2026-3176

Name of the Vulnerable Software and Affected Versions Dup Scout version 13.5.28 Description The software contains an unquoted service path issue in its Windows service configuration. This allows local attackers to potentially execute arbitrary code. The vulnerable path is located in 'C:Program...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002391 advisory. The archduptaskstruct function in the Transactional Memory TM implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platfo...

PT-2026-6147

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the mm/vma subsystem, specifically related to merging Virtual Memory Areas VMAs after a memory remapping operation mremap. The...

SUSE CVE-2022-50875

In the Linux kernel, the following vulnerability has been resolved: of: overlay: fix null pointer dereferencing in finddupcsetnodeentry and finddupcsetprop When kmalloc fail to allocate memory in kasprintf, fn1 or fn2 will be NULL, and strcmp will cause null pointer dereference...

CVE-2022-50875

In the Linux kernel, the following vulnerability has been resolved: of: overlay: fix null pointer dereferencing in finddupcsetnodeentry and finddupcsetprop When kmalloc fail to allocate memory in kasprintf, fn1 or fn2 will be NULL, and strcmp will cause null pointer dereference...