2323 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fixed the interrupt exit race issue with security mitigation switches. The RFI and STF security mitigation options can simultaneously alter the interruptexitnotreentrant static branch condition during the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: iouring: It now waits for request completions after exiting. When the ring exits, cleanup is performed, and the final cancellation and waiting for completions are handled by ioringexitwork. This function is invoked by kworker,...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: flush pending destroy work before exitnet release This issue is similar to 2c9f0293280e “netfilter: nftables: flush pending destroy work before netlink notifier”, which addressed a race between the exitnet...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: x86/iopl: Fixed inconsistencies in TIFIOBITMAP The function iobitmapexit is called from exitthread, when a task exists or when a fork fails. In the latter case, exitthread cleans up resources that were allocated during fork...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle protected guests properly in completehypercallexit Use is64bithypercall instead of is64bitmode to detect a 64-bit hypercall when completing said hypercall. For guests with protected state, e.g., SEV-ES and SEV-SN...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fixed the error exit of privcmdioctldmop. The error exit of privcmdioctldmop calls unlockpages, potentially with pages being NULL, leading to a NULL dereference. Additionally, lockpages does not check whether...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: TCP: prevented concurrent execution of tcpskexitbatch. It is possible that two threads call tcpskexitbatch concurrently—once from the cleanupnetworkqueue, and once from a task that failed to clone a new netns. In the latter case,...
Astra Linux - уязвимость в firefox, thunderbird
A malicious website could have used a combination of the fullscreen mode and the requestPointerLock function to cause the user’s mouse to be repositioned unexpectedly. This could lead to confusion among users and, inadvertently, the granting of permissions that the user did not intend to grant...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/xen: Remove the USERGSSYSRET64 paravirt call This change has been committed to the upstream repository as afd30525a659ac0ae0904f0cb4a2ca75522c3123. USERGSSYSRET64 is used to return from a syscall via SYSRET, but a Xen PV gues...
Astra Linux - уязвимость в libcommons-compress-java
There is a vulnerability related to the “Unreachable Exit Condition” „Infinite Loop“ in Apache Commons Compress. This issue affects Apache Commons Compress versions from 1.3 to 1.25.0. Users are recommended to upgrade to version 1.26.0, which fixes this issue...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: perf: Fix for event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferred until the target task resumes in user space through taskwork. However, failures during the process of adding an event’s...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: pps: Fixed a use-after-free On a board running with ntpd and gpsd, I’m encountering a consistent issue of use-after-free in sysexit from gpsd during reboots: pps pps1: Removed ----------- Cut here ------------ kobject: ‘Null’...
Linux Distros Unpatched Vulnerability : CVE-2026-31713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fuse: abort on fatal signal during sync init When sync init is used and the server exits for some reason error, crash while processing FUSEINIT, the filesystem...
Linux Distros Unpatched Vulnerability : CVE-2026-43007
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host over th...
CVE-2026-31713
A flaw was found in the Linux kernel's Filesystem in Userspace FUSE component. When using synchronous initialization sync init, if the FUSE server exits unexpectedly while processing the FUSEINIT request, the filesystem creation process can hang. This issue occurs because the mounting thread keep...
CVE-2026-31750
In the Linux kernel, the following vulnerability has been resolved: comedi: runflags cannot determine whether to reclaim chanlist syzbot reported a memory leak 1, because commit 4e1da516debb "comedi: Add reference counting for Comedi command handling" did not consider the exceptional exit case in...
cve-checker-2026
CVE Checker 2026 Multi-OS vulnerability scanner for: - CVE...
CVE-2026-31713
In the Linux kernel, the following vulnerability has been resolved: fuse: abort on fatal signal during sync init When sync init is used and the server exits for some reason error, crash while processing FUSEINIT, the filesystem creation will hang. The reason is that while all other threads will...
CVE-2026-31750 comedi: runflags cannot determine whether to reclaim chanlist
In the Linux kernel, the following vulnerability has been resolved: comedi: runflags cannot determine whether to reclaim chanlist syzbot reported a memory leak 1, because commit 4e1da516debb "comedi: Add reference counting for Comedi command handling" did not consider the exceptional exit case in...
CVE-2026-31750
CVE-2026-31750 affects the Linux kernel comedi driver. The issue is a memory leak where chanlist was not freed in the exceptional exit path of do_cmd_ioctl because runflags may be unset; do_become_nonbusy() previously freed chanlist only when runflags were set. The fix adds a check in do_become_n...