Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: ipa: Hash tables are only reset when supported. Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes into the ring buffer used for a channel. Recently...

CVE-2026-43345

A flaw was found in the Linux kernel's ipa driver. This vulnerability, affecting IPA version 5.0 and later, stems from an incorrect event ring index programming, preventing GSI channels from signaling transfer completions. As a result, the system can experience hangs during operations such as...

UBUNTU-CVE-2026-43345

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index field moved from CHCCNTXT0 to CHCCNTXT1. The v5.0 register definition intended to define this field in the CHCCNTXT1 fmask array but...

CVE-2026-43081

A flaw was found in the Linux kernel's Integrated Packet Accelerator IPA driver. Incorrectly configured register field masks for IPA version 5.0 and newer could lead to system instability. This issue may manifest as a warning when attempting to send commands to the MPSS remoteproc, potentially...

EUVD-2026-27572

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix GENERICCMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downstream GSI GSIV30EEnGSIEEGENERICCMD. Notably this fixes a WARN I was seeing when I tried to send "stop...

CVE-2026-43081

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix GENERICCMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downstream GSI GSIV30EEnGSIEEGENERICCMD. Notably this fixes a WARN I was seeing when I tried to send "stop...

CVE-2026-43081

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix GENERICCMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downstream GSI GSIV30EEnGSIEEGENERICCMD. Notably this fixes a WARN I was seeing when I tried to send "stop...

CVE-2026-43081 net: ipa: fix GENERIC_CMD register field masks for IPA v5.0+

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix GENERICCMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downstream GSI GSIV30EEnGSIEEGENERICCMD. Notably this fixes a WARN I was seeing when I tried to send "stop...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mismatch between the mask of the GENERICCMD register field in IPA v5.0+ and the hardware layout. Th...

PT-2026-37391

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix GENERIC CMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downstream GSI GSI V3 0 EE n GSI EE GENERIC CMD . Notably this fixes a WARN I was seeing when I tried to...

Linux Distros Unpatched Vulnerability : CVE-2026-43081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ipa: fix GENERICCMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downstream GSI...

Astra Linux - уязвимость в freeipa

There is a cross-site request forgery vulnerability in ipa/session/loginpassword in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions on behalf of the user, resulting in a loss of confidentiality and system integrity...

Astra Linux - уязвимость в freeipa

A privilege escalation from the host to the domain vulnerability was identified in the FreeIPA project. By default, the FreeIPA package fails to validate the uniqueness of the krbCanonicalName for the admin account, allowing users to create services with the same canonical name as the REALM admin...

Astra Linux - уязвимость в freeipa

A flaw was identified in the FreeIPA API audit; it sends the entire FreeIPA command line to journalctl. As a result, during the FreeIPA installation process, administrative user credentials—including the administrator’s password—are inadvertently leaked into the journal database. In the worst-cas...

Astra Linux - уязвимость в sudo

A flaw was discovered in sudo’s handling of ipahostname. In this process, the ipahostname value from /etc/sssd/sssd.conf was not propagated to sudo. As a result, this leads to a privilege management vulnerability in applications, where client hosts retain privileges even after those privileges ha...

Troll-Exploit

TrollStore TrollStore is a permasigned jailed app that can pe...

RockyLinux 8 : idm:DL1 (RLSA-2025:17129)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:17129 advisory. FreeIPA: idm: Privilege escalation from host to domain admin in FreeIPA CVE-2025-7493 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : ipa-4.6.8-5.16.0.1.el7.AXS7 (AXSA:2024-7410:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7410:02 advisory. ipa: Invalid CSRF protection CVE-2023-5455 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 9 : ipa-4.10.2-5.el9_3.ML.1 (AXSA:2024-7393:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7393:01 advisory. ipa: Invalid CSRF protection CVE-2023-5455 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

MiracleLinux 7 : ipa-4.6.8-5.17.0.1.el7.AXS7 (AXSA:2024-8141:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8141:06 advisory. ipa: user can obtain a hash of the passwords of all domain users and perform offline brute force CVE-2024-3183 Tenable has extracted the preceding descriptio...