Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca: fixed an issue where information was leaked when fetching the fw build id. Added missing sanity checks and moved the 255-byte build-id buffer off the stack to prevent the leakage of stack data through debugfs, ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: Fixed an invalid entry fetch in ath12kdpmonsrngprocess. Currently, ath12kdpmonsrngprocess uses ath12khalsrngsrcgetnextentry to fetch the next entry from the destination ring. This is incorrect because...

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass the same-origin policy through a crafted HTML page...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/edid: fixed an issue where information was leaked when attempting to obtain the panel ID. Be sure to clear the transfer buffer before retrieving the EDID, to avoid leaking slab data into logs in case of errors where the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unconditionally flushes pending work before the notifier syzbot reports: KASAN: Slab-uaf in nftctxupdate, include/net/netfilter/nftables.h: 1831 KASAN: Slab-uaf in nftcommitrelease,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86/mce: Use iscopyfromuser to determine the copyfromuser context Patches in the series “mm/hwpoison: Fix regressions in memory failure handling”, version 4. 1. What is being attempted? This patchset addresses two critical...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Background Fetch API in Google Chrome prior to version 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data through a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

Astra Linux – Vulnerability in libonig

A issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as fetchrangequantifier in regparse.c, PFETCH is called without checking PEND. This leads to a buffer overflow issue based on the heap mechanism...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: uprobe: avoided out-of-bounds memory access when fetching args Uprobe needs to fetch args into a percpu buffer, and then copy them to the ring buffer to avoid non-atomic context problems. Sometimes user-space strings or arrays ca...

Linux Distros Unpatched Vulnerability : CVE-2026-43009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrackinsn encounters a BPFSTX instruction with BPFATOMIC and BPFFETCH, the src regist...

TFTP Fetch, Linux Execute Command

Fetch and execute an AARCH64 payload from a TFTP server. Execute an arbitrary command or just a /bin/sh shell Module Options msf use payload/cmd/linux/tftp/aarch64/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... ms...

HTTPS Fetch, Linux Execute Command

Fetch and execute an AARCH64 payload from an HTTPS server. Execute an arbitrary command or just a /bin/sh shell Module Options msf use payload/cmd/linux/https/aarch64/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options...

HTTP Fetch, Linux Execute Command

Fetch and execute an AARCH64 payload from an HTTP server. Execute an arbitrary command or just a /bin/sh shell Module Options msf use payload/cmd/linux/http/aarch64/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... m...

CVE-2026-43009

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter verifier. The verifier, responsible for ensuring the safety of BPF programs, incorrectly tracks the precision of atomic fetch operations. This error can lead to the verifier pruning execution paths that should not be considered...

CVE-2026-43009

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrackinsn encounters a BPFSTX instruction with BPFATOMIC and BPFFETCH, the src register or r0 for BPFCMPXCHG also acts as a destination, thus receiving th...

CVE-2026-43009 bpf: Fix incorrect pruning due to atomic fetch precision tracking

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrackinsn encounters a BPFSTX instruction with BPFATOMIC and BPFFETCH, the src register or r0 for BPFCMPXCHG also acts as a destination, thus receiving th...

EUVD-2026-26608

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrackinsn encounters a BPFSTX instruction with BPFATOMIC and BPFFETCH, the src register or r0 for BPFCMPXCHG also acts as a destination, thus receiving th...

CVE-2026-43009

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrackinsn encounters a BPFSTX instruction with BPFATOMIC and BPFFETCH, the src register or r0 for BPFCMPXCHG also acts as a destination, thus receiving th...