33 matches found
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed the issue of dereferencing a stale list iterator after the loop body. The list iterator variable will become a bogus pointer if no break is executed. Dereferencing it in this case, cur-page could result in an...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: The issue related to ref-counting on the PMU “vpapmu” has been fixed. Commit 176cda0619b6 “powerpc/perf: Add a perf interface to expose vpa counters” introduced “vpapmu” to expose the Book3s-HV nested APIv2. This...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: BPF: crypto: Use the correct destructor kfunc type With CONFIGCFI enabled, the kernel strictly ensures that indirect function calls use a function pointer type that matches the target function. I encountered the following type...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: - acpi: nfit: vmalloc-out-of-bounds read in acpinfitctl A issue detected by syzbot with KASAN has also been fixed: BUG: KASAN: vmalloc-out-of-bounds in cmdtofunc, drivers/acpi/nfit/core.c:416 inline BUG: KASAN:...
CVE-2026-31766 drm/amdgpu: validate doorbell_offset in user queue creation
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate doorbelloffset in user queue creation amdgpuuserqgetdoorbellindex passes the user-provided doorbelloffset to amdgpudoorbellindexonbar without bounds checking. An arbitrarily large doorbelloffset can cause the...
CVE-2026-31469
The CVE-2026-31469 issue affects the Linux kernel virtio_net driver, where a Use-After-Free can occur when IFF_XMIT_DST_RELEASE is cleared and napi_tx is disabled, if the network namespace is destroyed while pending skbs remain in the transmit path. The root cause is the dst_ops reference being f...
kernel: macvlan: fix possible UAF in macvlan_forward_source()
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005755)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005755 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCBAIORW before the struct aiokiocb conversion The first kiocbsetcancelfn argument...
CVE-2026-23064 net/sched: act_ife: avoid possible NULL deref
In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...
OESA-2026-1276 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug in ip6gre tunnel dev:ip6gretap0 Since ipv6 mcast code makes sur...
UBUNTU-CVE-2025-71128
In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...
CVE-2023-43515
Memory corruption in HLOS while running kernel address sanitizers syzkaller on tmecom with DEBUGFS enabled...
CVE-2023-53988 fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de()
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds read in hdrdeletede Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in hdrdeletede+0xe0/0x150 fs/ntfs3/index.c:806 Read of size 16842960 at addr ffff888079cc0600 by task...
CVE-2025-68725 bpf: Do not let BPF test infra emit invalid GSO types to stack
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989647)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989647 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on totaldatablocks As Yanming reported in bugzilla:...
SUSE CVE-2025-40073
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Do not validate SSPP when it is not ready Current code will validate current plane and previous plane to confirm they can share a SSPP with multi-rect mode. The SSPP is already allocated for previous plane, while current...
CVE-2023-53665 md: don't dereference mddev after export_rdev()
In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after exportrdev Except for initial reference, mddev-kobject is referenced by rdev-kobject, and if the last rdev is freed, there is no guarantee that mddev is still valid. Hence mddev should not be use...
EUVD-2022-41245
Malicious code in bioql PyPI...
EUVD-2025-26765
Malicious code in bioql PyPI...
CVE-2025-39897 net: xilinx: axienet: Add error handling for RX metadata pointer retrieval
In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaenginedescgetmetadataptr which can return an error pointer and lead to potential crashes or undefined behaviour if the...