296 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a heap out-of-bound read in the ibmasmsendi2omessage function. This vulnerability may lead to the...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: kcm: An annotation was added for the data-race around kcm-rxwait. kcm-rxpsock can be accessed without a read lock in kcmrfree. Annotations were added for the read and write operations accordingly. syzbot reported the following...
CVE-2026-43085 netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminator with sizeofstruct nfgenmsg payload via nlmsgput, but never...
Linux Distros Unpatched Vulnerability : CVE-2026-43085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminat...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpfastopen. While reading sysctltcpfastopen, it can be changed concurrently. Thus, we need to add READONCE to its readers...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk-skstamp in sockrecvcmsgs. KCSAN found a data race in sockrecvcmsgs where the read access to sk-skstamp needs READONCE. BUG: KCSAN: data-race in packetrecvmsg / packetrecvmsg write marked to...
Linux Distros Unpatched Vulnerability : CVE-2026-43040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ipv6: ndisc: fix ndiscrauseropt to initialize nduseroptpadX fields to zero to prevent an info-leak When processing Router Advertisements with user options...
Linux Distros Unpatched Vulnerability : CVE-2026-31698
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the...
CVE-2026-31699
A flaw was found in the Linux kernel's crypto: ccp module. A local user could exploit a vulnerability where the system attempts to copy a Certificate Signing Request CSR to userspace even after a Platform Security Processor PSP command has failed. This can lead to a slab-out-of-bounds write,...
PT-2026-36498
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ndiscrauseropt function failing to initialize the padding field in the nduseroptmsg structure, resulting...
Linux Distros Unpatched Vulnerability : CVE-2026-31614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offs...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007039)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007039 advisory. In the Linux kernel, the following vulnerability has been resolved: rcu: Protect -deferqsiwpending from data race On kernels built with CONFIGIRQWORK=y, when...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006889)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006889 advisory. In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013191)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013191 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpflrulist KCSAN reported a data-race when accessing node-ref...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007605)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007605 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006683)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006683 advisory. In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipprotsock. sysctlipprotsock is accessed concurrently, and there ...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006640)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006640 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and...
EUVD-2025-208609
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by a unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by a unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...