Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: schhtb: Make htbqlennotify idempotent. htbqlennotify always disactivates the HTB class, and actually might trigger a warning if it is already disactivated. Therefore, it is not idempotent and is not friendly to its callers, like...

DEBIAN-CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

EUVD-2026-25555

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

CVE-2026-31662

In the Linux kernel, the following vulnerability has been resolved: tipc: fix bcackers underflow on duplicate GRPACKMSG The GRPACKMSG handler in tipcgroupprotorcv currently decrements bcackers on every inbound group ACK, even when the same member has already acknowledged the current broadcast...

CVE-2026-31662

CVE-2026-31662 concerns the Linux kernel’s TIPc grouping protocol. The bug in tipc_group_proto_rcv() decrements bc_ackers for every inbound GRP_ACK_MSG, even if the sender already acknowledged the current broadcast round. Since bc_ackers is a 16-bit unsigned, a duplicate ACK after the last legiti...

PT-2026-35014

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The GRP ACK MSG handler in the tipc group proto rcv function decrements the bc ackers variable on every inbound group ACK, including duplicate ACKs from members who have already...

SUSE CVE-2026-40109

Flux notification-controller is the event forwarder and notification dispatcher for the GitOps Toolkit controllers. Prior to 1.8.3, the gcr Receiver type in Flux notification-controller does not validate the email claim of Google OIDC tokens used for Pub/Sub push authentication. This allows any...

CVE-2026-40109

Flux notification-controller is the event forwarder and notification dispatcher for the GitOps Toolkit controllers. Prior to 1.8.3, the gcr Receiver type in Flux notification-controller does not validate the email claim of Google OIDC tokens used for Pub/Sub push authentication. This allows any...

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

CVE-2026-34210

The cvE-2026-34210 issue affects the mppx TypeScript interface for the machine payments protocol. Prior to version 0.4.11, the stripe/charge method did not validate Stripe’s Idempotent-Replayed header when creating PaymentIntents, allowing an attacker to replay a valid credential with the same sp...

CVE-2026-34210

mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new...

mppx 安全漏洞

MPPX is a blockchain-based payment protocol SDK developed by Wevm. Versions of MPPX prior to 0.4.11 contained security vulnerabilities. These vulnerabilities stemmed from the stripe/charge payment method not checking Stripe’s Idempotent-Replayed response header, which could allow attackers to...

GHSA-8MHJ-RFFC-RCVW mppx has Stripe charge credential replay via missing idempotency check

Impact The stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new challenge, and the server would accept the replayed Stripe PaymentIntent as a ne...

mppx has Stripe charge credential replay via missing idempotency check

Impact The stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new challenge, and the server would accept the replayed Stripe PaymentIntent as a ne...

PT-2026-28608

Impact The stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt token against a new challenge, and the server would accept the replayed Stripe PaymentIntent as a ne...

SUSE SLES11 Security Update : kernel (SUSE-SU-2026:0688-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0688-1 advisory. The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-0920:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-0920: net: split out functions related to registering inflight socket files bsc1193731. CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1245986. Special...

SUSE-SU-2026:0688-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-0920: net: split out functions related to registering inflight socket files bsc1193731. - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1245986...