538 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: TCP: Fixed handling of refcnt in inethashconnect. syzbot reported a warning in sknullsdelnodeinitrcu. The commit 66b60b0c8c4a “dccp/tcp: Unhash sk from ehash for tb2 allocation failure after checkestablished” attempted to fix ...
Astra Linux – Vulnerability in Firefox
There was an integer overflow issue in the OrderedHashTable used by the JavaScript engine. This vulnerability was fixed in Firefox 139.0.4...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The hash table is now created per queue. Sharing a global hash table among all queues is tempting, but it can lead to crashes. Bug: KASAN: A “slab-use-after-free” issue exists in...
Astra Linux – Vulnerability in Linux
In the IPv6 implementation in the Linux kernel before 5.13.3, the net/ipv6/outputcore.c file has an information leak due to certain uses of a hash table. This hash table is large, but it does not properly take into account that IPv6-based attackers can typically choose from many IPv6 source...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock, with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, syzkaller’s log...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021553)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021553 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Call freehtabelem after htabunlockbucket For htab of maps, when the map is removed from the...
CLSA-2026-1779183482 Fix CVE(s): CVE-2026-45186
SECURITY UPDATE: denial of service via On^2 attribute name collision check with moderately sized crafted XML input - debian/patches/CVE-2026-45186.patch: replace linear scan in defineAttribute with O1 hash table lookup using new ELEMENTTYPE.defaultAttsNames field in expat/lib/xmlparse.c -...
GHSA-27W2-87XV-37C6 nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT
Impact A malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record containing a TaggedSigned with a signature field whose byte length is not exactly 64. When the victim node's DHT verifier calls TaggedSigned::verify, execution reaches...
jq: jq: Denial of Service via crafted JSON object causing hash collisions
A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...
CVE-2026-43084
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...
CVE-2026-43084
CVE-2026-43084 affects the Linux kernel netfilter nfnetlink_queue. The vulnerability stems from sharing a global hash table across all queues, allowing a parallel CPU to access a nf_queue_entry after it has been freed, causing a slab-use-after-free (KASAN) and potential crash/DoS. The fix is to m...
CVE-2026-43084
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...
CVE-2026-43084 netfilter: nfnetlink_queue: make hash table per queue
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that xfrmpolicyfini does not wait for the RCU reader to complete before releasing the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a global hash table in the nfnetlinkqueue module. This vulnerability may lead to reuse...
dovecot: Fix of CVE-2017-15132
CVE-2017-15132: fix memory leak and hash-table use-after-free in authclientrequestabort lib-auth. Squashed upstream commits 1a29ed2f96da and a9b135760aea...
CLSA-2026-1777463708 dovecot: Fix of CVE-2017-15132
CVE-2017-15132: fix memory leak and hash-table use-after-free in authclientrequestabort lib-auth. Squashed upstream commits 1a29ed2f96da and a9b135760aea...
CVE-2026-5408
CVE-2026-5408 describes an uncontrolled recursion causing a crash in Wireshark’s BT-DHT protocol dissector. Affected versions are Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14, with impact listed as denial of service. The connected documents provide the vulnerability name, affected versions, and the exp...
Wireshark 安全漏洞
Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...
CLSA-2026-1777463410 dovecot: Fix of CVE-2017-15132
CVE-2017-15132: fix memory leak and hash-table use-after-free in authclientrequestabort lib-auth. Squashed upstream commits 1a29ed2f96da and a9b135760aea...