Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390: Avoid using a global register for the currentstackpointer. The commit 30de14b1884b “s390: The currentstackpointer should not be a function” changed the currentstackpointer to a global register variable, as is common on many...

gcc-toolset-13-gcc bug fix and enhancement update

An update is available for gcc-toolset-13-gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gcc-toolset-13-gcc13 package contains the GNU Compiler...

Security update for rust1.93

This update for rust1.93 fixes the following issues: Security issue: CVE-2026-31812: denial of service via crafted QUIC initial packet bsc1259623. Non security issue: Resolve missing gcc requirement that may affect some crate buildin bsc1253321. Patch Instructions: To install this SUSE update use...

Classic-Heap-Attacks-POCs-Windows-10

Pruebas de concepto contra el heap de Windows En este reposit...

CVE-2026-3580 Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V

In wolfSSL 5.8.4, constant-time masking logic in sp256getentry2569 is optimized into conditional branches bnez by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

AZL-79601 CVE-2026-27142 affecting package gcc 13.2.0-7

Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actio...

NewStart CGSL MAIN 6.06 (SP) : gcc Vulnerability (NS-SA-2026-0008)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has gcc packages installed that are affected by a vulnerability: - The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the...

MiracleLinux 7 : gcc-4.8.5-28.el7 (AXSA:2018-2900:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2900:03 advisory. gcc: GCC generates incorrect code for RDRAND/RDSEED intrinsics CVE-2017-11671 Tenable has extracted the preceding description block directly from the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000747)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000747 advisory. The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorre...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001384)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001384 advisory. fpregsstatevalid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004089)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004089 advisory. fpregsstatevalid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of...

RHSA-2026:0341 Red Hat Security Advisory: gcc-toolset-14-binutils security update

Bulletin has no description...

MiracleLinux 3 : gcc-4.1.2-50.0.1 (AXSA:2011-05:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-05:01 advisory. The gcc package contains the GNU Compiler Collection version 4.1. You will need this package in order to compile C code. Security issues fixed with th...

Astra Linux – Vulnerability in Botan

Before version 3.6.0, when certain GCC versions were used, Botan had a compiler-induced operation that relied on secrets in the donna128.h file of lib/utils. This operation was used in Chacha-Poly1305 and x25519. An addition operation could be skipped if a carry wasn’t set. This issue was observe...

RHSA-2026:0108 Red Hat Security Advisory: gcc-toolset-15-binutils security update

Bulletin has no description...

gcc-toolset-14-binutils security update

2.41-5.1 - Fix a potential illegal memory access when linking a corrupt input file. RHEL-130669...

PT-2026-26340

Name of the Vulnerable Software and Affected Versions wolfSSL version 5.8.4 Description The software contains a flaw in the constant-time masking logic within the sp 256 get entry 256 9 function. When compiled with GCC targeting RISC-V RV32I using the -O3 optimization flag, the logic is altered...

SUSE CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

UBUNTU-CVE-2022-50812

In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIGZEROCALLUSEDREGS to gcc or clang 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences see the links above the check for more information. Restrict...

CVE-2022-50812

The CVE-2022-50812 issue affects the Linux kernel, arising from a bug in clang’s -fzero-call-used-regs implementation. The vulnerability can cause NULL pointer dereferences. The fix is to restrict CONFIG_ZERO_CALL_USED_REGS to a supported GCC version or a clang newer than 15.0.6 (and to cover the...