Astra Linux - уязвимость в cups-filters

“cups-filters” contains backends, filters, and other software required to make the cups printing service work on operating systems other than macOS. If you use the Backend Error Handler beh to create an accessible network printer, this security vulnerability can lead to remote code execution. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fixed an issue where an interrupt storm occurred after receiving a corrupted ifid in the IRQ handler. Commit 31a7a0bbeb00 “dpaa2-switch”: added a range check for ifid in the IRQ handler introduces a mechanism to...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Misc: Microchip: PCI1xxxx – Fixed kernel panic during IRQ handler registration This issue resolves kernel panics when accessing the IRQ handler associated with the generated IRQ. This is achieved by acquiring a spinlock and stori...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset the IH OVERFLOWCLEAR bit. This also allows us to detect subsequent IH ring buffer overflows...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Packets are queued in the IRQ handler instead of being disabled during the BH handling. Currently, the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction in the softirq contex...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Avoid invalid reads in irdmanetevent. The function irdmanetevent should not dereference anything from “neigh” alias “ptr” until it has checked that the event is of type NETEVENTNEIGHUPDATE. Other events have structure...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: comedi: A flaw in the comedibufmunge function has been fixed. This function performs a modulo operation async-mungechan %= async-cmd.chanlistlen, without first checking whether chanlistlen is zero. If a user program submits a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure that info-enable callback is always set. The ioctl and sysfs handlers call the -enable callback unconditionally. Not all drivers implement this callback, resulting in NULL dereferencing. Examples of affected drivers:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Added a missing deinit call. A warning is triggered when repeatedly connecting and disconnecting the rnbd interface: The listadd structure is corrupted. prev-next should be set to next ffff88800b13e480, but it was set ...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/lima: The mask for IRQs is set to timeout before a hard reset occurs. There is a race condition in which a rendering job may take just long enough to trigger the timeout handler for the DRM sched job, but it still completes...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fixed the check for NULL values in the SCCB field. The tracing code called by the SCLP interrupt handler contains early exits if the SCCB address associated with an interrupt is NULL. This check is performed after...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: Fix for out-of-bound access to qmiinvokehandler Currently, there is no terminator entry for ath12kqmimsghandlers, thus generating the following KASAN warning:...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fixed potential memory corruption in ipmicreateuser. The “intf” list iterator becomes an invalid pointer if the correct “intf-intfnum” is not found. Calling atomicdec&intf-nrusers with an invalid pointer will lea...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register the event handler until the srpt device is fully set up. In rare cases, KASAN reports a use-after-free error in the srptrefreshport function. This appears to occur because the event handler is registere...

EUVD-2025-209901

Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...

ROS-20260520-73-0017

A vulnerability in the JavaScript script handler V8 of Google Chrome and Microsoft Edge browsers is related to writing outside buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

haveged 安全漏洞

Haveged is a random number generation tool developed by Jirka-H. Haveged has a security vulnerability; this vulnerability stems from the sockethandler function not stopping its execution when it detects that the connection user is not a root user. This allows any local non-privileged user to...

Linux Distros Unpatched Vulnerability : CVE-2026-8213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the...

WordPress plugin Anomify AI 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...