162 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Tracing: Fixed a race condition in kprobe initialization that could lead to NULL pointer dereferencing. There is a critical race condition in kprobe initialization that can result in NULL pointer dereferencing and cause the...
UBUNTU-CVE-2026-46106
In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...
MAL-2026-4713 Malicious code in wdb-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...
Malicious code in wdb-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...
MAL-2026-4715 Malicious code in weavedb-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886f22636b5e4726978e23b10a4311fb7e65c2b10003da72429348fa617884d1 package.json declares "preinstall": "./vendor/setup", which runs a 976KB packed Linux x86 ELF binary sha256...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Tracing: A warning has been fixed in tracebufferedeventdisable. The warning occurred in tracebufferedeventdisable at WARNONONCE!tracebufferedeventref. Call Trace: - warn+0xa5/0x1b0 - tracebufferedeventdisable+0x189/0x1b0 -...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap the dmamapsg tracepoint arrays to prevent buffer overflows. The dmamapsg tracepoint can cause a perf buffer overflow when tracing large scatter-gather lists. With devices like virtio-gpu that create large DRM...
Astra Linux - уязвимость в linux, linux-5.10
It was discovered that there was a lack of CPU resources in the Linux kernel tracing module functionality in versions prior to 5.14-rc3. This issue occurred due to the way users utilize the trace ring buffer. Only privileged local users with the CAPSYSADMIN capability could exploit this flaw to...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: Tracing/histograms: Add histograms to histvars if they reference variables. Triggers may have referenced variables without having direct variable fields. This can occur if referenced variables are added for trigger actions. In...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed the copylinklist updates when the “copyTracemarker” option is enabled for an instance. When this option is enabled, any data written to /sys/kernel/tracing/tracemarker is also copied to that instance’s buffer. When...
SUSE CVE-2022-49006
In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" field of the event then uses the first type number that is available not currently used by other events...
CVE-2026-43210
The CVE-2026-43210 entry concerns the Linux kernel tracing ring-buffer subsystem. The root cause is inadequate validation of event length in rb_read_data_buffer(), which can cause an invalid memory access if an event’s length is corrupted, potentially at boot time. The published fix is to check t...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerabilities have been resolved: Tracing: The length check that causes memory corruption was corrected. We have experienced severe kernel crashes due to memory corruption in our production environment. For example: Call Trace: 1640542.554277 General protectio...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Tracing: kprobe: Fixed a potential null-ptr-dereference in tracearray in kprobeeventgentestexit When testgenkprobecmd fails after kprobeeventgencmdend, it will go to delete, which will call kprobeeventdelete and release the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disabling trampoline for kernel module function tracing The current implementation of BPF trampoline in LoongArch is incompatible with tracing functions in kernel modules. This causes several serious and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not swap the cpubuffer during the resize process When the ringbufferswapcpu function is called during the resize process, the cpu buffer is swapped in the middle, resulting in an incorrect state. Continuing to run...
WOOTdroid: Whole-System Online On-Device Tracing for Android
System auditing on Android faces two problems. First, existing syscall tracers lose events under load, silently overwriting entries faster than a user space reader can drain them. Second, security-relevant application behavior is mediated through Binder, Android's kernel IPC mechanism, and is...
CVE-2026-31541 tracing: Fix trace_marker copy link list updates
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix tracemarker copy link list updates When the "copytracemarker" option is enabled for an instance, anything written into /sys/kernel/tracing/tracemarker is also copied into that instances buffer. When the option is set...
CVE-2026-31541
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix tracemarker copy link list updates When the "copytracemarker" option is enabled for an instance, anything written into /sys/kernel/tracing/tracemarker is also copied into that instances buffer. When the option is set...
PT-2026-34893
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix trace marker copy link list updates When the "copy trace marker" option is enabled for an instance, anything written into /sys/kernel/tracing/trace marker is also copied into that instances buffer. When the option is...