Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the PWM chip initialization in rust/pwm. As a result of this failure, the allocated...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed the overloading of the meaning of MEMUNINIT Lonial reported an issue in the BPF verifier, where checkmemsizereg contains the following code: c if !tnumisconstreg-varoff / For unprivileged variable accesses, disable raw...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: lib/testkho: Check whether KHO is enabled. We must check whether KHO is enabled before issuing KHO commands; otherwise, the KHO internal data structures will not be initialized...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Input: croseckeyb – fix an invalid memory access If the croseckeybregistermatrix function is not called due to “buttonsswitchesonly” in croseckeybprobe, ckdev-idev remains NULL. An invalid memory access occurs in croseckeybproces...

webkitgtk: Processing maliciously crafted web content may disclose internal states of the app

A flaw was found in WebKitGTK. Processing malicious web content can cause a memory initialization issue due to improper memory handling and result in the disclosure of the internal states of the application...

CVE-2025-71294

The CVE-2025-71294 entry is tied to the Linux kernel AMDGPU DRM path. The root cause is a NULL pointer issue in buffer_funcs when the SDMA block is not enabled, leading to potential failure/availability impact. A patch fixes buffer_funcs initialization, mitigating the issue; multiple OSV entries ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the macsmc driver not initializing, potentially leading to null pointer dereferencing...

Astra Linux - уязвимость в libslirp

An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the tftpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘tftpt’ structure. This issue may lead to out-of-bounds read access or...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014341)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014341 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure sndnxt is properly initialized on connect Christoph reported a splat hinting at a...

SUSE CVE-2026-23472

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...

Linux Distros Unpatched Vulnerability : CVE-2025-46299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS...

CVE-2025-66363

An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages...

CVE-2026-26958

A flaw was found in filippo.io/edwards25519, a Go library used for cryptographic operations. This vulnerability occurs in the MultiScalarMult function when it processes points that are not properly initialized or are not the identity point. Such conditions can lead to incorrect cryptographic...

CVE-2026-21913 Junos OS: EX4000: A high volume of traffic destined to the device leads to a crash and restart

An Incorrect Initialization of Resource vulnerability in the Internal Device Manager IDM of Juniper Networks Junos OS on EX4000 models allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On EX4000 models with 48 ports EX4000-48T, EX4000-48P, EX4000-48MP a high volu...

PT-2026-2585

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s networking subsystem related to the hns3 driver. The issue stems from inconsistent allocation sizes for hdev-htqp and kinfo-tqp when applying for...

CVE-2025-46299

A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app...

CVE-2025-46299

A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app...

CVE-2021-31435

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.931. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Apple多款产品 安全漏洞

Apple Safari and others are products of Apple Inc. Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems. apple iOS is an operating system developed for mobile devices. apple tvOS is an operating system for smart TVs. A security...

Linux Distros Unpatched Vulnerability : CVE-2022-50850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ipr: Fix WARNING in iprinit iprinit will not call unregisterrebootnotifier when pciregisterdriver fails, which causes a WARNING. Call...