Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fixed a double-free in arfscreategroups. When the memory allocated by kvzalloc fails, arfscreategroups will free ft-g and return an error. However, arfscreatetable, the only function calling arfscreategroups, will hold...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

netbox-data-flows has stored XSS in ObjectAlias names rendered inside DataFlow tables

Summary An authenticated user who can create or edit ObjectAlias objects can store arbitrary HTML/JavaScript in an alias name. That payload is later rendered unescaped in DataFlow table views, causing a stored XSS when another user views the affected page. Details The issue is caused by unsafe HT...

PT-2025-42254

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the mlx5 network component, specifically related to the release of flow counter hardware structures HWS actions. This flaw occurs...

EUVD-2015-0652

Malware in sbrugna...

EUVD-2024-51793

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper handling of work queues during flow table cleanup, which could lead to reuse after release...

Linux Distros Unpatched Vulnerability : CVE-2024-53121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step...

kernel: net/sched: Fix UAF when resolving a clash

A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...

DEBIAN-CVE-2024-53121

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and unlock the FTE. - Lock...

AZL-54243 CVE-2024-53121 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, lock FTE when checking if active The referenced commits introduced a two-step process for deleting FTEs: - Lock the FTE, delete it from hardware, set the hardware deletion function to NULL and unlock the FTE. - Lock...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the active flag for FTEs in the net/mlx5 component not being checked by locking during deletion, causing the...

SUSE CVE-2022-48976

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...

AZL-51327 CVE-2022-48976 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...

DEBIAN-CVE-2022-48976

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtableoffload: fix using thiscpuadd in preemptible flowoffloadqueuework can be called in workqueue without bh disabled, like the call trace showed in my actct testing, calling NFFLOWTABLESTATINC there would cause a...

kernel: net/sched: Fix UAF when resolving a clash

A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...

kernel: net/sched: Fix UAF when resolving a clash

A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...

kernel: net/sched: Fix UAF when resolving a clash

A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...

kernel: net/sched: Fix UAF when resolving a clash

A use-after-free vulnerability was found in the net/sshd tcfctflowtableprocessconn of the Linux kernel. This flaw allows an attacker with a crafted payload to induce a system crash, resulting in a loss of system availability...

AZL-49015 CVE-2024-44983 affecting package kernel for versions less than 6.6.51.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate vlan header Ensure there is sufficient room to access the protocol field of the VLAN header, validate it once before the flowtable lookup. ===================================================== BUG:...