Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ntfs: Check overflow when iterating ATTRRECORDs The kernel iterates over ATTRRECORDS in mft records in the ntfsattrfind function. Since ATTRRECORDS are adjacent to each other, the kernel can access the next ATTRRECORD from the en...

CVE-2026-23416

The CVE-2026-23416 issue affects the Linux kernel (mm/mseal) where vm_area_struct end handling could become stale during VMA merges. The root cause is curr_end not staying in sync when a VMA is updated via vma_modify_flags(), leading to an incorrect curr_start on the next iteration. The fix uncon...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from mm mseal failing to correctly update the end address during the merging of VMA sections,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002163)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002163 advisory. The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization...

Tenda AC10 安全漏洞

The Tenda AC10 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC10 15.03.06.47 and earlier versions, which originates from the failure of the formSetPPTPServer parameters startIp and endIp to properly validate the length of the input data in t...

UBUNTU-CVE-2022-49762

In the Linux kernel, the following vulnerability has been resolved: ntfs: check overflow when iterating ATTRRECORDs Kernel iterates over ATTRRECORDs in mft record in ntfsattrfind. Because the ATTRRECORDs are next to each other, kernel can get the next ATTRRECORD from end address of current...

CVE-2025-3346

A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. Affected by this issue is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument pptpserverstartip/pptpserverendip leads to buffer overflow. The attack may be launched...

Tenda RX3 安全漏洞

Tenda RX3 is a dual-band WiFi 6 home wireless router from Tenda China. It is used for home network coverage and supports high-speed wireless connection. The Tenda RX3 suffers from a SetPptpServerCfg buffer overflow vulnerability, which originates from the startIp and endIp parameters in...

PT-2023-9747 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the BPF Berkeley Packet Filter program in the Linux kernel. When the bpf throw kfunc is called, it triggers dead code elimination in an unprecedented way, causi...

SUSE CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1475)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The skbflowdissect function in net/core/flowdissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denia...

PT-2018-1904 · Qemu +5 · Qemu +5

Name of the Vulnerable Software and Affected Versions: Qemu affected versions not specified Description: The issue is related to the load multiboot function in Qemu, which can lead to an out-of-bounds read or write memory access when using multiboot. This can allow an attacker to execute arbitrar...

PT-2017-2390 · Linux +3 · Linux +3

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is caused by a minimal memory range between the upper boundary of the stack and the PIE binary code segment located in memory starting at 0x80000000. This occurs when the RLIMIT STA...

kvm: cross page vapic_addr access

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address...

kvm: cross page vapic_addr access

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address...

DEBIAN-CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address...

CVE-2013-6368

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address...

kvm: cross page vapic_addr access

The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service system crash via a VAPIC synchronization operation involving a page-end address...

PT-2013-6014 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.12.6 Description: The issue allows local users to gain privileges or cause a denial of service, resulting in a system crash, via a VAPIC synchronization operation involving a page-end address. Recommendations:...