62 matches found
Astra Linux - vulnerability in linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/gt: Fixed a potential UAF issue by revoking the fence registers. CI has been sporadically reporting the following issue triggered by igt@i915_selftest@live@hangcheck on ADL-P and similar machines: 414.049203 i915:...
CVE-2026-43237
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpu_gem_va_ioctl function, key updates include: - Moved the logic for managing the last update fence...
Linux Distros Unpatched Vulnerability : CVE-2026-43237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpu_gem_va_ioctl function, key update...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from premature fence selection and improper reference management in the amdgpu_gem_va_ioctl function. Thi...
CVE-2026-32622
SQLBot is an intelligent data query system based on a large language model and RAG. Versions 1.5.0 and below contain a Stored Prompt Injection vulnerability that chains three flaws: a missing permission check on the Excel upload API allowing any authenticated user to upload malicious terminology,...
CVE-2026-32622
SQLBot (versions ≤ 1.5.x) exposes a Stored Prompt Injection vulnerability consisting of three chained flaws: (1) missing permission check on the Excel upload API allowing any authenticated user to upload malicious terminology, (2) unsanitized storage of terminology descriptions containing dangero...
CVE-2026-32622 SQLBot: Remote Code Execution via Terminology Poisoning
SQLBot is an intelligent data query system based on a large language model and RAG. Versions 1.5.0 and below contain a Stored Prompt Injection vulnerability that chains three flaws: a missing permission check on the Excel upload API allowing any authenticated user to upload malicious terminology,...
RHEL 9 : fence-agents (RHSA-2026:1330)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1330 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable...
MiracleLinux 4 : pacemaker-1.1.10-14.AXS4.2 (AXSA:2014-039:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-039:01 advisory. Pacemaker is an advanced, scalable High-Availability cluster resource manager for Linux-HA Heartbeat and/or Corosync. It supports n-node clusters with...
Prompt Fencing: A Cryptographic Approach to Establishing Security Boundaries in Large Language Model Prompts
Large Language Models (LLMs) remain vulnerable to prompt injection attacks, representing the most significant security threat in production deployments. We present Prompt Fencing, a novel architectural approach that applies cryptographic authentication and data architecture principles to establish...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-389852)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-389852 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix potential UAF by revoke of fence registers CI has been sporadically reporting th...
CVE-2025-38436 drm/scheduler: signal scheduled fence when kill job
In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence when kill job When an entity from application B is killed, drm_sched_entity_kill removes all jobs belonging to that entity through drm_sched_entity_kill_jobs_work. If application A's job depends on a...
Virtuozzo Hybrid Infrastructure 6.3 Update 1 Hotfix 1 (6.3.1-106)
This update provides stability fixes. Vulnerability id: VSTOR-85873 Disks may be erroneously marked as ill. Vulnerability id: VSTOR-93149, VSTOR-100823 Improvements in the garbage collector. Vulnerability id: VSTOR-94512 Added the volume ID to LUN details. Vulnerability id: VSTOR-95095 Increased...
UBUNTU-CVE-2024-56678
In the Linux kernel, the following vulnerability has been resolved: powerpc/mm/fault: Fix kfence page fault reporting copy_from_kernel_nofault can be called when doing read of /proc/kcore. /proc/kcore can have some unmapped kfence objects which when read via copy_from_kernel_nofault can cause page...
kernel: drm/i915/gt: Fix potential UAF by revoke of fence registers
A use-after-free was found in drivers/gpu/drm/i915/gt/intel_ggtt_fencing.c in the Linux kernel. This issue can be caused by a race among revocation of fence registers on one side and sequential execution of signal callbacks invoked on completion of a request that was using them on the other,...
OESA-2024-2147 fence-agents security update
A collection of executables to handle isolation ("fencing") of possibly misbehaving hosts by the means of remote power management, blocking network, storage, or similar. They operate through a unified interface (calling conventions) devised for the original Red Hat clustering solution. Security Fixes...
How to Disarm Fencing When Using High Availability in XenServer
This article describes how to disarm High Availability (HA) and prevent a XenServer host from fencing. Disarming HA does not stop HA logging...
RLSA-2023:3082 Moderate: pcs security and bug fix update
The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530); rubygem-rack: denial of service in header parsing (CVE-2023-27539). For more details about the security...
pcs security and bug fix update
An update is available for pcs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The pcs packages provide a command-line configuration system for the Pacemaker an...