Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed a possible NULL dereference in amdgpurasqueryerrorstatushelper. Returned an invalid error code -EINVAL for an invalid block ID. The issue has been fixed in the following file:...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was added for the block address in the f2fsdozerorange function. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215894 I have encountered a bug in the F2FS file system in the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfs/blocklayout: Don't attempt unregister for invalid block device Since commit d869da91cccb "nfs/blocklayout: Fix premature PR key unregistration" an unmount of a pNFS SCSI layout-enabled NFS may dereference a NULL blockdevice i...

Linux Distros Unpatched Vulnerability : CVE-2026-31617

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host- supplied NTB header is checked against ntbmax but has no lower...

CVE-2026-34377 Zebra has a Consensus Failure due to Improper Verification of V5 Transactions

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid...

PT-2025-43695

Name of the Vulnerable Software and Affected Versions Bitcoin Core affected versions not specified Description The software contains an issue that requires the victim to run it on an old 32-bit system and to have configured a large, non-standard mempool. An attacker must then craft an invalid 1 G...

EUVD-2023-57209

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-13099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service out-of- bounds memory access and BUG can occur for a modified...

Division by zero

Overview Affected versions of this package are vulnerable to Division by zero when handling an invalid unknown.blockcount type in a Modelfile. An attacker can cause the application to crash by importing a malicious GGUF. Remediation Upgrade github.com/ollama/ollama/fs/ggml to version 0.6.3-rc1 or...

GHSA-R3R4-G7HQ-PQ4F CometBFT allows a malicious peer to stall the network by disseminating seemingly valid block parts

Name: ASA-2025-002: Malicious peer can stall network by disseminating seemingly valid block parts Component: CometBFT Criticality: High Catastrophic Impact; Possible Likelihood per ACMv1.2 Affected versions: = v0.38.16, v1.0.0 Affected users: Validators, Full nodes, Users Description A bug was...

CVE-2024-53167

In the Linux kernel, the following vulnerability has been resolved: nfs/blocklayout: Don't attempt unregister for invalid block device Since commit d869da91cccb "nfs/blocklayout: Fix premature PR key unregistration" an unmount of a pNFS SCSI layout-enabled NFS may dereference a NULL blockdevice i...

CVE-2024-53167 nfs/blocklayout: Don't attempt unregister for invalid block device

In the Linux kernel, the following vulnerability has been resolved: nfs/blocklayout: Don't attempt unregister for invalid block device Since commit d869da91cccb "nfs/blocklayout: Fix premature PR key unregistration" an unmount of a pNFS SCSI layout-enabled NFS may dereference a NULL blockdevice i...

Always-Incorrect Control Flow Implementation

btcd is vulnerable to Always-Incorrect Control Flow Implementation. The vulnerability is due to a consensus failure caused by the incorrect re-implementation of Bitcoin Core's "FindAndDelete" functionality. This flaw can result in btcd clients accepting an invalid Bitcoin block or rejecting a val...

CVE-2024-38365

CVE-2024-38365 affects btcd (versions 0.10 to 0.24). The issue is a mismatch in Bitcoin Core’s FindAndDelete() versus btcd’s removeOpcodeByData() that can cause btcd to validate blocks differently, risking a chain split (accepting an invalid block) or DoS (rejecting a valid block). The root cause...

SUSE CVE-2023-52585

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpurasqueryerrorstatushelper Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpuras.c:1183 amdgpurasqueryerrorstatushelper...

DEBIAN-CVE-2023-52585

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpurasqueryerrorstatushelper Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpuras.c:1183 amdgpurasqueryerrorstatushelper...

AZL-58611 CVE-2023-52585 affecting package kernel for versions less than 6.6.79.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpurasqueryerrorstatushelper Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpuras.c:1183 amdgpurasqueryerrorstatushelper...

AZL-58623 CVE-2023-52585 affecting package kernel for versions less than 5.15.176.3-3

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpurasqueryerrorstatushelper Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpuras.c:1183 amdgpurasqueryerrorstatushelper...

UBUNTU-CVE-2023-52585

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix possible NULL dereference in amdgpurasqueryerrorstatushelper Return invalid error code -EINVAL for invalid block id. Fixes the below: drivers/gpu/drm/amd/amdgpu/amdgpuras.c:1183 amdgpurasqueryerrorstatushelper...

Nervos CKB BlockTimeTooNew should not be considered as invalid block

Impact Currently, when a node receives a block in future according to its local wall clock, it will mark the block as invalid and ban the peer. If the header's timestamp is more than 15 seconds ahead of our current time. In that case, the header may become valid in the future, and we don't want t...