1921 matches found
EUVD-2026-31438
Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure. This issue affects Avantra: before 25.3.0...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: Netfilter: conntrack – re-fetching of conntrack entries after insertion. In cases where conflicts occur between conntrack entries, the insertion operation can free the skb-nfct field, and set skb-nfct to the already-confirmed...
Astra Linux - уязвимость в linux
A flaw was discovered in the Nosy driver within the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, resulting in a “use-after-free” condition when one of these devices is removed. The most significant threat posed by this vulnerability relates to...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Check ownership before using vma When installing missing pages or updating them, Rust Binder will look up the vma in the memory management unit by address, and then call vminsertpage or zappagerangesingle. However, if...
Linux Distros Unpatched Vulnerability : CVE-2025-71300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert arm64: zynqmp: Add an OP-TEE node to the device tree This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-TEE logic in U-Boot automatically...
PT-2026-41787
Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description A memory leak exists in the custom CappedConcurrentHashMap used for Java TLS state tracking. The remove function deletes entries from the map but fails to remove the...
CVE-2026-45369
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix o...
CVE-2026-45215
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Retrieve Embedded Sensitive Data.This issue affects WP EasyPay: from n/a through = 4.3.0...
SUSE CVE-2026-43198
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...
EUVD-2026-28740
In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...
CVE-2026-43435
In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...
CVE-2026-43434 rust_binder: check ownership before using vma
In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...
CVE-2026-43434
In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...
CVE-2026-43435
CVE-2026-43435 relates to the Linux kernel rust_binder component where the oneway spam-detection logic in TreeRange (and missing logic in ArrayRange) could allow large spamming transactions to go undetected. The fix moves the spam-check after the new range is inserted and adds an equivalent low_o...
CVE-2026-43409
In the Linux kernel, the following vulnerability has been resolved: kprobes: avoid crash when rmmod/insmod after ftrace killed After we hit ftrace is killed by some errors, the kernel crash if we remove modules in which kprobe probes. BUG: unable to handle page fault for address: fffffbfff805000d...
EUVD-2026-27757
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...
CVE-2026-43198
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...
CVE-2026-43198 tcp: fix potential race in tcp_v6_syn_recv_sock()
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...
CVE-2026-43198
CVE-2026-43198 is a Linux kernel race in IPv6 TCP socket handling. The issue occurs in tcp_v6_syn_recv_sock() where the child socket becomes visible before IPv6 state is initialized, allowing other CPUs to access it and potentially triggering instability. The fix moves the problematic code into t...
PT-2026-37538
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel within the tcp v6 syn recv sock function. The issue occurs because certain operations are performed after the call to tcp v4 syn recv sock, at...