432 matches found
CVE-2026-53099
A flaw was found in the Linux kernel. The issue arises from an incorrect configuration option for Control-Flow Integrity CFI, a security mechanism designed to prevent certain types of attacks. Due to a naming change, the CFI code was not properly compiled, leading to its intended protections not...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skips inactive planes within ModeSupportAndSystemConfiguration. Why Coverity reports a Memory - illegal access issue. How Skips inactive planes...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fixed information leakage in triggered buffers. The “buffer” local array is used to push data to user space from a triggered buffer. However, values for inactive channels are not set, as the function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: KVM: Rejects attempts to consume or refresh inactive gfntopfncache. kvmgpccheck and kvmgpcrefresh are rejected if the cache is inactive. Not checking the active flag during refresh is particularly problematic, as KVM may end u...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchipsaradc: fixed information leakage in the triggered buffer. The “data” local struct is used to push data to user space from a triggered buffer. However, it does not set values for inactive channels, as it only us...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: The clearwalkcontrol function operates on an inactive context in damoswalk. damoswalk sets ctx-walkcontrol to the control structure provided by the caller before checking whether the context is running. If the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmpbuildprobe The ipv6stub-ipv6devfind function may return ERRPTR-EAFNOSUPPORT when the IPv6 stack is not active CONFIGIPV6=m and not loaded. Passing this error pointer to devhold will cause a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check the running state of GuC before deregistering an exec queue. During normal operation, a registered exec queue is disabled and deregistered through GuC. It is only freed after GuC confirms completion. However, if...
Astra Linux – Vulnerability in libvirt
A flaw was discovered in libvirt. External inactive snapshots of shut-down virtual machines are created as being accessible to everyone on the network, allowing unprivileged users to inspect the contents of the guest operating systems. This leads to an information disclosure vulnerability...
Siemens RUGGEDCOM RST2428P NULL Pointer Dereference (CVE-2026-22976)
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix NULL deref when deactivating inactive aggregate in qfqreset qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. This happens whe...
CVE-2026-7739
A weakness has been identified in justdan96 tsMuxer up to 2.7.0. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxerprev/tsMuxer/hevc.cpp. This manipulation of the argument trackid causes denial of service. The attack requires local access. The exploit has...
CVE-2026-6621
A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the argument proto causes improperly controlled modification of object prototype attributes. Remote exploitation of the attack is possible. The...
CVE-2026-4949
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 4.16.12. This is due to the 'processcheckout' function not properly enforcing...
CVE-2026-46232
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will read off the end of the touchreports array, up to about 2 KiB for the...
SUSE CVE-2026-46051
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
CVE-2026-46051
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
UBUNTU-CVE-2026-46051
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
CVE-2026-46051 md/raid5: fix soft lockup in retry_aligned_read()
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
CVE-2026-46051
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...
EUVD-2026-32433
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...