1269 matches found
CVE-2026-43114
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapoavx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching functions are used. The test first loads a ranomly generated pipapo set with 'ipv4 . port' key, i.e. nft -...
SUSE CVE-2026-43057
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
PT-2026-37509
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUG ON by validating rounded allocation When DRM BUDDY CONTIGUOUS ALLOCATION is set, the requested size is rounded up to the next power-of-two via roundup pow of two. Similarly, for non-contiguous allocations...
Improper Access Control
Apache Storm is vulnerable to Improper Access Control. The vulnerability is due to fail-open handling of TLS client authentication in TlsTransportPlugin, where SSLPeerUnverifiedException is suppressed and a fallback principal CN=ANONYMOUS is assigned, allowing unauthenticated clients to obtain a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xfrm: Also calls xfrmstatedeletetunnel at the time of destruction for states that were never added. In commit b441cf3f8c4b “xfrm: deletes x-tunnel as we delete x”, I missed the scenario where state creation fails between full...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the NULL pointer dereferencing issue in the early fallback to fastopen. In the event of an early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated socket to the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: Race conditions between subflow failures and additional subflow creations. We have race conditions similar to those addressed by the previous patch, between subflow failures and additional subflow creations. However, these...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: blk-mq: Fixed a possible memory leak when registering the ‘hctx’ structure failed. There is one issue that arises during fault injection tests: An unreferenced object with a size of 512 bytes: bash comm "insmod", pid 308021,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: Reports a safe 640x480 mode as a fallback when no EDID is found. When reading the EDID fails and the driver reports that no modes are available, the DRM core adds a fabricated 1024x786 mode to the connector...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fixed page mapping when vmareaallocpages uses high-order fallback to order 0. The vmappagesrangenoflush function assumes that its argument pages contains pages with the same page shift. However, since commit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mptcp: handles DDS corruption consistently. The buggy peer implementation can send corrupted DSS options, consistently causing several warnings in the data path. Use DEBUGNET assertions to avoid errors on some builds and to handl...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: The “kern” flag was removed from fallback sockets. The mptcp ULP extension relies on sk-sksockkern being set correctly. It prevents the call to setsockoptfd, IPPROTOTCP, TCPULP, "mptcp", 6 from working for plain TCP socket...
Astra Linux – Vulnerability in libde265
Libde265 v1.0.4 contains a heap buffer overflow in the putqpel00fallback16 function, which can be exploited through a specially crafted file...
Astra Linux – Vulnerability in libde265
Libde265 v1.0.4 contains a heap buffer overflow in the putweightedbipred16fallback function, which can be exploited through a specially crafted file...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a stack-buffer-overflow vulnerability through the use of putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of putunweightedpred16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...
Astra Linux – Vulnerability in libde265
Libde265 1.0.9 is vulnerable to Buffer Overflow in the function void putqpelfallback...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed a data race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Therefore, we need to add READONCE to its reader...
Astra Linux – Vulnerability in libde265
It was discovered that libde265 v1.0.10 contains a NULL pointer dereference in the putweightedpred8fallback function located in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack through a crafted input file...