CLSA-2026-1779694248 mpg123: Fix of CVE-2024-10573

CVE-2024-10573: Out-of-bounds write during PCM decoding of crafted streams could lead to heap corruption and potential arbitrary code execution; decode the MPEG header into a temporary copy that is only applied to the live handle after the frame body is validated upstream svn-r5442, main fix, and...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevented possible heap overwriting. In riocmcdevioctlRIOCMCHANSEND → cmchanmsgsend → riocmchsend, cmchanmsgsend checks that the user space did not send too much data. However, riocmchsend failed to check...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005793)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005793 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND -...

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, an assertion failure or NULL pointer dereference can be triggered in Varnish Cache through the varnish-modules header.append() and header.copy() functions. For some Varnish Configuration Language (VCL) files, this gives remote clients an opportunity to cause a Varnish Cache restart. A restart reduces overall availability and performance due to an increased number of cache misses, and may cause higher load on backend servers.

...

AZL-64401 CVE-2025-38090 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: drivers/rapidio/riocm.c: prevent possible heap overwrite In riocmcdevioctlRIOCMCHANSEND - cmchanmsgsend - riocmchsend cmchanmsgsend checks that userspace didn't send too much data but riocmchsend failed to check that userspace se...

Irontec Sngrep 缓冲区错误漏洞

Irontec Sngrep is a tool from Irontec for displaying SIP call message streams from endpoints. A security vulnerability exists in Irontec Sngrep versions v0.4.2 through v1.8.1, which stems from the functions sipgetcallid and sipgetxcallid in sip.c using the strncpy function to copy the contents of...

kernel security, bug fix, and enhancement update

3.10.0-514.21.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.21.1 - kernel sched/core: Fix an SMP ordering race in trytowakeup vs...