1269 matches found

RedHat Linux
added 2026/05/26 7:4 a.m. | 8 views

gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...

CVSS 8.2 | AI score 5.8 | EPSS 0.0036
Exploits: 0 | References: 4
RedHat Linux
added 2026/05/26 6:51 a.m. | 8 views

gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to...

CVSS 8.2 | AI score 5.8 | EPSS 0.0036
Exploits: 0 | References: 4
RedHat Linux
added 2026/05/26 6:51 a.m. | 6 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to...

CVSS 7.1 | AI score 5.8 | EPSS 0.00295
Exploits: 0 | References: 4
Positive Technologies
added 2026/05/26 12:0 a.m. | 9 views

PT-2026-43430

Crypt::ScryptKDF versions through 0.010 for Perl use an insecure random number source when no CSPRNG module is available. The random bytes function fell back to using the built-in rand function when none of the Perl modules Crypt::PRNG, Crypt::OpenSSL::Random, Net::SSLeay, Crypt::Random, or...

AI score 5.8 | EPSS 0.00222
Exploits: 0 | References: 5
OSSF Malicious Packages
added 2026/05/25 11:10 p.m. | 11 views

Malicious code in bandkit (npm)

Source: amazon-inspector (687dcebaf30461a2325de226851b84abfb6db6359a12c9392ece9c5ff02a620d). bandkit ships a React component BandPanel that, when rendered without an explicit strategyWalletAddress prop — the configuration shown in the package...

AI score 5.2
Exploits: 0 | References: 6
OSV
added 2026/05/25 11:10 p.m. | 5 views

MAL-2026-4496 Malicious code in bandkit (npm)

Source: amazon-inspector (687dcebaf30461a2325de226851b84abfb6db6359a12c9392ece9c5ff02a620d). bandkit ships a React component BandPanel that, when rendered without an explicit strategyWalletAddress prop — the configuration shown in the package...

AI score 5.3
Exploits: 0 | References: 6
SUSE CVE
added 2026/05/21 2:47 a.m. | 7 views

SUSE CVE-2024-3219

The “socket” module provides a pure-Python fallback to the socket.socketpair function for platforms that don't support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verifi...

CVSS 5.1 | AI score 7.3 | EPSS 0.00245
Exploits: 0 | References: 3
AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: fixed a refcount bug in sk_psock_get (2). Syzkaller reported the refcount bug as follows: ------------ cut here ------------ refcount_t: saturated; memory was leaking. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...

CVSS 5.5 | AI score 6 | EPSS 0.00201
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: removal of support for TCP_ULP setsockopt. TCP_ULP setsockopt cannot be used for mptcp because it is already used internally to access subflow tcp sockets at the mptcp level. The syzbot was able to cause a crash in mptcp...

CVSS 5.5 | AI score 5.5 | EPSS 0.00205
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions. The clcsock callback functions will be saved and replaced during the fallback process. However, if the fallback occurs more than once, the copies of these...

CVSS 5.5 | AI score 6.2 | EPSS 0.00225
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – fixed the aead software fallback for the engine. Due to the misuse of the subreq pointer, private context memory was affected. The aead software-related crypto function occasionally causes the operating...

CVSS 5.5 | AI score 5.9 | EPSS 0.0024
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 1 views

Astra Linux - vulnerability in libde265

Libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited through a specially crafted file...

CVSS 6.5 | AI score 7 | EPSS 0.01019
Exploits: 1 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 1 views

Astra Linux - vulnerability in libde265

A stack-buffer-overflow exists in libde265 v1.0.8 through fallback-motion.cc in the put_epel_hv_fallback function when running the dec265 program...

CVSS 5.5 | AI score 6.7 | EPSS 0.00859
Exploits: 1 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of put_qpel_0_0_fallback_16 in the fallback-motion.cc file. This vulnerability allows attackers to cause a Denial of Service (DoS) attack by using a specially crafted video file...

CVSS 6.5 | AI score 6.9 | EPSS 0.00844
Exploits: 1 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of unsigned short in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) attack by using a crafted video file...

CVSS 6.5 | AI score 6.8 | EPSS 0.00844
Exploits: 1 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fixed possible deadlocks in the system-wide PM code. It is reported that in low-memory situations, the system-wide resume core code may lead to deadlocks. This occurs because async_schedule_dev executes its argument...

CVSS 5.5 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in linux

In the Linux kernel, the following vulnerabilities have been resolved: net/tls: Fixed an issue where a use-after-free occurred after the TLS device went down or came back online. When a netdev with active TLS offloading goes down, the tls_device_down function is called to stop the offloading and te...

CVSS 7.8 | AI score 6.5 | EPSS 0.00257
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 3 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Use the volume UUID in FS_OBJECT_ID_INFORMATION. Use sb->s_uuid as the primary identifier for volumes. For file systems that do not provide a UUID, fall back to stfs.f_fsid, which is obtained from vfs_statfs...

CVSS 5.5 | AI score 5.7 | EPSS 0.00164
Exploits: 0 | References: 2
AstraLinux
added 2026/05/20 5:53 a.m. | 2 views

Astra Linux - vulnerability in linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: Fallback earlier on simultaneous connections. Syzkaller reports a race condition in simultaneous connections that leads to inconsistent fallback behavior. Status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515...

CVSS 5.5 | AI score 5.4 | EPSS 0.00121
Exploits: 0 | References: 1
Tenable Nessus
added 2026/05/20 12:0 a.m. | 4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021631 advisory. In the Linux kernel, the following vulnerability has been resolved: erofs: fix order >= MAX_ORDER warning due to crafted negative i_size. As syzbot reported [1], the root...

CVSS 5.5 | AI score 5.8 | EPSS 0.00146
Exploits: 0 | References: 4