113 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netsched: schsfq: Fixed a potential crash during handling of gsoskb. SFQ assumes that it is always able to queue at least one packet. However, after the committed change, sch-q.len can be inflated by packets in sch-gsoskb. An...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: sched: schcake: Fixed the logic for accounting bulk flows in order to ensure host fairness. In schcake, we keep track of the number of active bulk flows per host. This is done when running in the dst/src host fairness mode, which...
CVE-2026-42489
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
CVE-2026-42490
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
CVE-2026-42490
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these...
Xen: domctl Lock Open to Abuse (XSA-492)
To create and manage guests, domctl operations are used by the control domain, a possible Xenstore domain, or by a domain controlling a particular guest. Some of these operations may not be executed in parallel, so a system-wide lock is used. The way that lock is acquired is, however, not providi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: sched/fair: Fixed an error in reweightentity. Syzbot detected a GPF in reweightentity. This issue has been fixed in commit 4ef0c5c6b5ba “kernel/sched: Fixed the issue where schedfork accesses an invalid schedtaskgroup”. There ...
SUSE CVE-2026-43323
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
CVE-2026-43323
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
CVE-2026-43323
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zerovruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisect it to commit b3d99f43c72b "sched/fair: Fix zerovruntime tracking". The combination of yield and tha...
Why Aggregate Accuracy Is Inadequate for Evaluating Fairness in Law Enforcement Facial Recognition Systems
Facial recognition systems are increasingly deployed in law enforcement and security contexts, where algorithmic decisions can carry significant societal consequences. Despite high reported accuracy, growing evidence demonstrates that such systems often exhibit uneven performance across demograph...
Malicious code in fairness-bias (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c76439565a70fd014098388baf5dd9a679f90be992102ba689fc0b7d6d3db352 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-2170 Malicious code in fairness-bias (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c76439565a70fd014098388baf5dd9a679f90be992102ba689fc0b7d6d3db352 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005737)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005737 advisory. In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balanc...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50282: chardev: fix error handling in cdevdeviceadd bsc1249739. CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50700: wifi:...
SUSE-SU-2026:0350-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50282: chardev: fix error handling in cdevdeviceadd bsc1249739. - CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. - CVE-2022-50700:...
ROS-20260120-7333
A vulnerability in the childcfsrqonlist function of the kernel/sched/fair.c module of the Linux kernel is related to buffer overruns in memory as a result of incorrect pointer conversion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004341)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004341 advisory. kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfsquotaus is used e.g., with Kubernetes, allows attackers to cause a denial of service against...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...
kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
A null pointer dereference exists in the linux kernel, such that when sfbinit fails qdisc is NULL, and it will cause gpf issue, leading to damage to the availability of the system...