235 matches found
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: chisel-fips, crossplane-provider-aws-osis-fips, crossplane-provider-azure-policyinsights, cg, flux-image-automation-controller, cloudflared, buildah-fips, mattermost, knative-eventing-fips, seaweedfs-rocksdb-fips, atlantis, buildkitd-fips,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: apko-fips, grype, splunk-otel-collector, chisel-fips, clickhouse-backup-fips, crossplane-provider-azure-policyinsights, flux-kustomize-controller, cg, rootlesskit, opentelemetry-collector, trivy-operator-fips, flux-image-automation-controller, buildah-fips, mattermos...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: chisel-fips, crossplane-provider-aws-osis-fips, crossplane-provider-azure-policyinsights, cg, flux-image-automation-controller, cloudflared, buildah-fips, mattermost, knative-eventing-fips, seaweedfs-rocksdb-fips, atlantis, buildkitd-fips,...
GHSA-45GG-VH54-H5M9 vulnerabilities
Vulnerabilities for packages: chisel-fips, opentelemetry-collector, trivy-operator-fips, flux-image-automation-controller, mattermost, knative-eventing-fips, seaweedfs-rocksdb-fips, flux, osv-scanner, coder-fips, docker-machine-driver-harvester, traefik, argo-workflows, gitlab-kas, istio,...
GHSA-78MQ-XCR3-XM33 vulnerabilities
Vulnerabilities for packages: apko-fips, grype, splunk-otel-collector, cg, opentelemetry-collector, trivy-operator-fips, flux-image-automation-controller, mattermost, knative-eventing-fips, flux, osv-scanner, trufflehog-fips, pulumi, splunk-otel-collector-fips, argo-events-fips, chainctl,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: opentelemetry-collector, buildah-fips, mattermost, knative-eventing-fips, flux, traefik, argo-workflows, gitlab-kas, istio, prometheus-operator, helm, reports-server, upwind-agent, kine, knative-serving-fips, zitadel, kube-state-metrics, harbor, terraform,...
GHSA-X527-X647-Q7GG vulnerabilities
Vulnerabilities for packages: kyverno, rancher-agent, kubernetes-dashboard, containerd, external-dns, prometheus, knative-serving, argocd-image-updater, opentelemetry-collector, cert-manager, snyk-cli, helm, kubernetes, spire-server, gitea, chisel, nerdctl, flux, istio, loki, kaf, vitess, minio,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: syft, kubernetes-dashboard, crossplane-provider-azure-sql, prometheus, knative-serving, cert-manager, podman, chezmoi, flux-notification-controller, istio, loki, vitess, minio, flux-source-controller, kubescape, cluster-api-azure-controller, tkn, argo-events,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: kyverno, rancher-agent, kubernetes-dashboard, containerd, external-dns, prometheus, knative-serving, opentelemetry-collector, snyk-cli, cert-manager, podman, helm, kubernetes, spire-server, nerdctl, flux, docker-cli-buildx, istio, loki, kaf, vitess, minio, cilium-cli...
GHSA-F5WC-C3C7-36MC vulnerabilities
Vulnerabilities for packages: syft, kubernetes-dashboard, prometheus, knative-serving, cert-manager, podman, chezmoi, istio, loki, vitess, minio, flux-source-controller, kubescape, argo-events, flux-image-automation-controller, fscrypt, go-discover, telegraf, gitlab-kas, teleport, act,...
SUSE CVE-2026-46066
In the Linux kernel, the following vulnerability has been resolved: ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the ciphertext...
CVE-2026-46066
A flaw was found in the Linux kernel's Ceph filesystem. When writing to encrypted CephFS files, a failure to allocate a bounce buffer for a dirty folio can lead to an off-by-one error in the numops counter. This inconsistency can cause a kernel panic, resulting in a Denial of Service DoS for the...
CVE-2026-46066
In the Linux kernel, the following vulnerability has been resolved: ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the ciphertext...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an issue where an uninitialized pointer was freed during the readalloconename function. The readalloconename function does not initialize the name field of the passed fscryptstr structure if kmalloc fails to allocate...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by the commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method". The code for this function was moved from...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Ceph: Fixed a crash in processv2sparseread for encrypted directories. A crash in processv2sparseread for fscrypt-encrypted directories has been reported. This issue occurs in the Ceph msgr2 protocol in secure mode. It can be...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: memory leaks have been fixed in ext4fnamesetupfilename,preparelookup. If filename case-folding fails, memory will be leaked from the fscryptname structure, specifically from the 'cryptobuf.name' member. Make sure that this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: fscrypt: fixed an underflow issue during left shift when inode-iblkbits PAGESHIFT When simulating an nvme device on qemu with both logicalblocksize and physicalblocksize set to 8 KiB, an error trace appears during partition...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: Memory freed for the tmpfile name When opening a ubifs tmpfile in an encrypted directory, the function fscryptsetupfilename allocates memory for the name that will be stored in the directory entry. However, after the name ...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after securitysbdelete The function fscryptDestroykeyring must be called after all potentially-encrypted inodes have been evicted; otherwise, it cannot safely destroy the keyring. Since inodes that are...