Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Disable SDMA ECC IRQ only when SDMA RAS is enabled in suspend. sdmav40ip is shared on several ASICS devices. However, in sdmav40hwfini, the driver unconditionally disables ECCIRQ, which is only enabled on those ASICS...

CVE-2026-4391

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

JLSEC-2026-565 In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the...

In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...

CVE-2026-4391

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

CVE-2026-4391

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

EUVD-2026-32585

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

CVE-2026-4391 TeamSpeak 3 Server ECC Key heap-based overflow

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

CVE-2026-4391 TeamSpeak 3 Server ECC Key heap-based overflow

A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able to resolve this...

CVE-2026-4391

CVE-2026-4391 affects TeamSpeak 3 Server up to version 3.13.7. The issue is in an unknown code path of the ECC Key Parser, causing a heap-based buffer overflow that could be triggered remotely. A fixed version is 3.13.8, which upgrades the affected component. If exploiting details are not provide...

PT-2026-44051

Name of the Vulnerable Software and Affected Versions TeamSpeak 3 Server versions prior to 3.13.8 Description A heap-based buffer overflow exists in the ECC Key Parser component. This issue allows a remote attacker to cause a memory corruption by manipulating the parser, which handles Elliptic...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - For the spi: amlogic: spifc-a4 component, there is a issue where the ECC engine is not registered properly upon probe failures, and the remove callback is not executed. - The amlsfcprobe function registers the on-host NAND E...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - drm/amdgpu/gfx: Disable gfx9 cpeccerrorirq only when enabling legacy gfx ras. - gfx9 cpeccerrorirq is only enabled when legacy gfx ras is asserted. - In gfxv90hwfini, the disabling of cpeccerrorirq should be executed under...

CVE-2026-37554

An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the GeoNetworking packet processing pipeline where OpenSSL exceptions from ECC point validation invalid compressed point, point not on curve are not...

SUSE CVE-2026-31783

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback amlsfcprobe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the amdgpuirqput call trace in gmcv100hwfini. The gmc.eccirq is enabled by the firmware based on the IFWI setting. The host driver does not have privileges to enable/disable the interrupt. Therefore, using the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: Unregisters the ECC engine upon probe error and device removal. The on-host hardware ECC engine remains registered both when the spiregistercontroller function returns an error, and also upon device removal...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: removed gfxv110cpeccerrorirqfuncs The gfx.cpeccerrorirq has been removed from gfx11. In gfxv110hwfini, amdgpuirqput is still used to disable this interrupt, which caused the call trace in this function. 102.873958...

CVE-2026-31783

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback amlsfcprobe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...

CVE-2026-31783

The CVE-2026-31783 entry refers to a Linux kernel issue in spi: amlogic: spifc-a4 where the on-host NAND ECC engine teardown was missing in probe unwind and remove-time cleanup. The fix adds a devm cleanup action so nand_ecc_unregister_on_host_hw_engine() runs automatically on probe failures and ...

CVE-2026-31783 spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove() callback

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback amlsfcprobe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...