Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs: Relaxing the assertions when encoding file handles fails Encoding file handles is typically performed by a filesystem method called encodefh, which may fail for various reasons. Legacy users of exportfsencodefh—specifically,...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Stale pointers have been set to zero. The function crostypecgetswitchhandles allocates four pointers when obtaining type-c switch handles. These pointers are all freed if none of them are obtained...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Revert “drm/prime: Use dmabuf from GEM object instance” This revert is reflected in commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8. The dmabuf field in struct drmgemobject is not stable throughout the lifetime of the object...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a use-after-free in the durable v2 replay of active file handles. In the parsedurablehandle context, dhinfo-fp-conn is assigned unconditionally to the current connection when handling a DURABLEREQV2 context with...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Added a upper bound check on user inputs in wait ioctl. Large input values in amdgpuuserqwaitioctl can lead to a Out-of-Memory OOM condition, and this vulnerability could be exploited. Therefore, it is recommended to...

BIT-APACHE-2026-48913 Apache HTTP Server: mod_http2 memory corruption when file handles exhausted

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

CVE-2026-48913 Apache HTTP Server: mod_http2 memory corruption when file handles exhausted

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

CVE-2026-48913 Apache HTTP Server: mod_http2 memory corruption when file handles exhausted

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

CVE-2026-48913

Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67...

PT-2026-47331

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.55 through 2.4.67 Description A Use After Free issue exists in the mod http2 module of Apache HTTP Server, which occurs when file handles are already exhausted. Use After Free is a memory corruption flaw where a...

CVE-2026-46124

A flaw was found in the Linux kernel's isofs filesystem. An authenticated NFS Network File System peer can exploit this vulnerability by providing a specially crafted file handle. This allows the server to read arbitrary in-range blocks on the backing device, leading to information disclosure whe...

CVE-2026-46138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix OOB read and infinite loop in hcilecreatebigcompleteevt hcilecreatebigcompleteevt iterates over BTBOUND connections for a BIG handle using a while loop, accessing ev-bishandlei++ on each iteration. Howeve...

CVE-2026-46124 isofs: validate block number from NFS file handle in isofs_export_iget

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

Fourth Frontier Frontier X Mobile Application, Frontier X2

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to read and write arbitrary handle values and change clinical readings, which could result in taking control of the device and lead to patient harm. 2. RECOMMENDED PRACTICES CISA recommends users take...

PT-2026-44261

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read and infinite loop exist in the hci le create big complete evt function. The function iterates over BT BOUND connections for a BIG handle using a while loop that...

CVE-2026-45979

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpubolistput as it's been handled in the amdgpucsparserfini...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A upper-bound check has been added to user inputs in the signal ioctl function. Extremely large input values in amdgpuuserqsignalioctl can lead to a Out-of-Memory error OOM. This vulnerability could be exploited...

Astra Linux - уязвимость в samba

In DCE/RPC, it is possible to share handles cookies for resource state between multiple connections through a mechanism called “association groups”. These handles can reference connections to our sam.ldb database. However, while the database is correctly shared, the user credentials are only...

CVE-2026-24142

NVIDIA TensorRT-LLM (any platform) is affected by CVE-2026-24142, a deserialization vulnerability and unsafe serialized handle. The issue could enable code execution, data tampering, and information disclosure due to unsafe deserialization paths in TRT-LLM. NVIDIA’s security bulletin confirms the...