629 matches found
JLSEC-2026-558
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
PT-2026-47116
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: clone set element expression template The memcpy function breaks when using connlimit in set elements. Use nftexprclone to initialize the connlimit expression list; otherwise, the connlimit garbage collect...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² firefox, thunderbird
Incorrect boundary conditions in the JavaScript: GC component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² firefox
If array shift operations are not used, the Garbage Collector may become confused regarding valid objects. This vulnerability affects Firefox versions less than 101...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² firefox, thunderbird
Certain types of allocations lacked annotations that, if the Garbage Collector was in a specific state, could have led to memory corruption and potentially exploitable crashes. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: ipset: Fixed issues related to region locking in hash types. The region locking mechanism introduced in v5.6-rc4 included three macros for handling region locks: ahashbucketstart, ahashbucketend which return the sta...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² linux-5.10
Ubuntu Linux 6.8 GA retains the legacy AFUNIX garbage collector, but the upstream commit 8594d9b85c07 "afunix: Do not call skbget for OOB skb" addresses this issue. When orphaned MSGOOB sockets reach unixgc, the garbage collector still calls kfreeskb, assuming that OOB SKBs hold two references...
Astra Linux - ŃŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š² firefox
Race condition in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...
SUSE CVE-2026-31455
In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfsunmountflushinodes pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any use-after-free issues -...
CVE-2026-31455
In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfsunmountflushinodes pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any use-after-free issues -...
CVE-2026-31455
CVE-2026-31455 pertains to the Linux kernel, specific to the XFS unmount path. During unmount, in xfs_unmount_flush_inodes(), the AIL is pushed while background reclaim and inodegc may still be running, which can lead to inodes being dirtied or re-queued into the AIL. The provided fix reorders th...
PT-2026-34360
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the XFS file system where the unmount sequence in the xfs unmount flush inodes function pushes the Active Item List AIL while background reclaim and inode garbage...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012951)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012951 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into accoun...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011383)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011383 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into accoun...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007286)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007286 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into accoun...
fickling modules linecache, difflib and gc are missing from the unsafe modules blocklist
Our analysis As stated in the project's security policy, we also don't consider UnusedVariables bypasses to be security issues. We added several unsafe modules mentioned by the reporter in advisory comments to the blocklist...
firefox: thunderbird: Use-after-free in the JavaScript: GC component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: GC component...
firefox: thunderbird: Use-after-free in the JavaScript: GC component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: GC component...
Linux Distros Unpatched Vulnerability : CVE-2025-13350
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux 6.8 GA retains the legacy AFUNIX garbage collector but backports upstream commit 8594d9b85c07 afunix: Don't call skbget for OOB skb. When orphaned...