Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ice: Fix for Rx page leaks in multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice...

Astra Linux - уязвимость в libreoffice

Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to create documents that would load external links without any prompts. In affected versions of LibreOffice documents that used “floating frames” linked to external files, the contents of those...

Astra Linux - уязвимость в linux, linux-5.10

Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel versions 5.1 through 5.19.x, prior to 5.19.16, could be exploited by local attackers those capable of injecting WLAN frames to trigger use-after-free conditions, potentially allowing them to execute...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel before version 6.0.11. Missing validation of the number of channels in the drivers/net/wireless/microchip/wilc1000/cfg80211.c file in the WILC1000 wireless driver can lead to a heap-based buffer overflow when copying the list of operating channels from...

Astra Linux - уязвимость в chromium

The use of after-free in Frames in Google Chrome before version 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: rtw88: Use ieee80211purgetxqueue to purge TX skb. When removing kernel modules using: rmmod rtw888723cs rtw888703b rtw888723x rtw88sdio rtw88core The driver uses skbqueuepurge to purge TX skb, but does not report the TX...

Astra Linux - уязвимость в dav1d

An integer overflow occurs in the dav1d AV1 decoder, which can happen when decoding videos with a large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading to a version later than 1.4.0 of dav1d...

Astra Linux - уязвимость в chromium

Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed a resource leak in lpfcsli4sendseqtoulp If no handler is found in lpfccompleteunsoliocb that matches the received frame’s RCTL, the frame is discarded, and resources may be leaked. This issue was fixed by...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: cfg80211: A use-after-free issue was addressed in the cmpbss function. This issue was introduced due to a quirky behavior of the bssfree function introduced in commit 776b3580178f „cfg80211: Properly track hidden SSID...

Astra Linux - уязвимость в imagemagick

ImageMagick 7.0.10-34 allows division by zero in the OptimizeLayerFrames function in MagickCore/layer.c, which may lead to a denial of service...

Astra Linux - уязвимость в linux-5.10

A issue was discovered in the Linux kernel before version 6.0.11. Missing validation of the IEEE80211P2PATTRCHANNELLIST in the drivers/net/wireless/microchip/wilc1000/cfg80211.c file, within the WILC1000 wireless driver, can lead to a heap-based buffer overflow when parsing the operating channel...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021644 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: avoid leaving partial pfn mappings around in error case As Jann points out, PFN mappings are...

CVE-2026-43970

A flaw was found in cowlib. This vulnerability, categorized as Improper Handling of Highly Compressed Data Data Amplification, allows an unauthenticated remote attacker to cause a denial of service DoS. By sending a specially crafted SPDY frame, the cowspdy:inflate/2 function in cowlib passes...

netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

A flaw was found in Netty. A remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume...

netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

A flaw was found in Netty. A remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume...

CVE-2026-42786

A flaw was found in bandit. A remote, unauthenticated attacker can exploit an Allocation of Resources Without Limits or Throttling vulnerability in the fragment reassembly path of the WebSocket connection handling. This allows the attacker to send an unbounded number of continuation frames, leadi...

CVE-2026-42788

A flaw was found in bandit. An unauthenticated remote attacker can exploit a vulnerability in the HTTP/2 frame deserialization process by sending oversized HTTP/2 frames. This allows the attacker to force the server to buffer excessive amounts of memory, leading to memory exhaustion and a denial ...

RUSTSEC-2026-0154 Unbounded 32-bit allocation

Both the SSH agent server and client accepted peer-controlled frame lengths without enforcing a maximum frame size. This could cause large memory allocations while parsing a maliciously crafted agent frame. A malicious peer could advertise an oversized frame length, causing the client or server t...

Unbounded 32-bit allocation

Both the SSH agent server and client accepted peer-controlled frame lengths without enforcing a maximum frame size. This could cause large memory allocations while parsing a maliciously crafted agent frame. A malicious peer could advertise an oversized frame length, causing the client or server t...