Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after a non-fatal error The commit 004d25060c78 “igb: Fix igbdown hung on surprise removal” changed igbioerrordetected to ignore non-fatal pcie errors, in order to avoid tasks hanging that can occu...

CVE-2026-35378

A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw prevents the utility from performing proper short-circuiting for logical OR | and AND & operation...

CVE-2026-35378 uutils coreutils expr Local Denial of Service via Eager Evaluation of Parenthesized Subexpressions

A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw prevents the utility from performing proper short-circuiting for logical OR | and AND & operation...

UBUNTU-CVE-2026-34479

The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers are required to reject documents containing such characters with a fatal error, which may cause downstream log...

AMD Processors 安全漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from improper handling of direct memory writing by the input/output memory management unit. This can allow malicious client virtual machines ...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

PT-2026-3330

Name of the Vulnerable Software and Affected Versions Gradle versions prior to 9.3.0 Description Gradle’s native-platform tool, which provides Java bindings for native APIs, does not treat certain exceptions as fatal errors when resolving dependencies in versions before 9.3.0. This allows Gradle ...

EUVD-2005-0622

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-27465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some...

CVE-2025-27465

Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional logic to set up an...

CVE-2025-27465

Certain instructions need intercepting and emulating by Xen. In some cases Xen emulates the instruction by replaying it, using an executable stub. Some instructions may raise an exception, which is supposed to be handled gracefully. Certain replayed instructions have additional logic to set up an...

DEBIAN-CVE-2025-38289

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmocallbk Smatch detected a potential use-after-free of an ndlp oject in devlosstmocallbk during driver unload or fatal error handling. Fix by reordering code to avoid...

SUSE CVE-2024-50040

In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 "igb: Fix igbdown hung on surprise removal" changed igbioerrordetected to ignore non-fatal pcie errors in order to avoid hung task that can happen when...

DEBIAN-CVE-2024-50040

In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 "igb: Fix igbdown hung on surprise removal" changed igbioerrordetected to ignore non-fatal pcie errors in order to avoid hung task that can happen when...

UBUNTU-CVE-2024-50040

In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error Commit 004d25060c78 "igb: Fix igbdown hung on surprise removal" changed igbioerrordetected to ignore non-fatal pcie errors in order to avoid hung task that can happen when...

CVE-2023-34453 snappy-java's Integer Overflow vulnerability in shuffle leads to DoS

snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing a fatal error. The function shuffleint input in the file BitShuffle.java receives an array of integers and applies a bit shuffle on it. It...

SUSE CVE-2010-2531

The varexport function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if displayerrors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...

PT-2025-26007 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from the Linux kernel's KVM module not properly handling the unloading of modules, specifically when using try get module. This can lead to fatal errors, such as...

CVE-2019-13960

In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header. NOTE: the vendor's expectation, for use cases in which this memory usage would be a denial of service, is that the...