arnika is affected by medium-severity issues in UDP rotation, PQC handling, and KMS TLS

Summary Three medium-severity issues in arnika affecting the UDP key-rotation protocol, PQC key file handling, and KMS TLS client. All require specific preconditions to exploit and do not allow direct code execution or immediate key extraction. A self-contained PoC is attached. Details 1 ACK...

tough-kms (>=0.2.0 <=0.5.0), tough-ssm (>=0.5.0 <=0.8.0) +1 more potentially affected by CVE-2026-6966 via tough (>=0.10.0 <=0.1.0)

tough CARGO version =0.10.0, =0.2.0, =0.5.0, =0.1.0, =0.9.0 Source cves: CVE-2026-6966 Source advisory: OSV:GHSA-8M7C-8M39-RV4X...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: lib/fonts: Fixed undefined behavior in bit shifting for getdefaultfont. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning appears as follows: UBSA...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Do not overwrite the KMS surface dirty tracker. We were overwriting the surface’s dirty tracker, which caused a memory leak...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014324)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014324 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drmclienttargetcloned dmtmode is allocated and never freed in this...

PT-2026-34393

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes in DSC validation Starting with commit 17ce8a6907f7 "drm/amd/display: Add dsc pre-validation in atomic check", amdgpu resets the CRTC state mode changed flag to false when...

CVE-2026-34986 vulnerabilities

Vulnerabilities for packages: omni-fips, boring-registry, bento-fips, azcopy, harbor-fips, grype-db, gitlab-workhorse-ce, tkn-fips, fulcio, velero, gitlab-runner, chainloop-control-plane, cert-manager, gotrue, envconsul-fips, gitlab-kas, scorecard, sftpgo, traefik-fips, oauth2-proxy,...

UBUNTU-CVE-2026-23430

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Don't overwrite KMS surface dirty tracker We were overwriting the surface's dirty tracker here causing a memory leak...

CVE-2026-23430

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Don't overwrite KMS surface dirty tracker We were overwriting the surface's dirty tracker here causing a memory leak...

CVE-2026-23430

The CVE-2026-23430 issue affects the Linux kernel DRM/vmwgfx component, where the KMS surface dirty tracker was being overwritten, leading to a memory leak. The vulnerability has been resolved in the kernel by correcting this behavior. Connected sources confirm the root cause and the fix are impl...

GHSA-FW7P-63QQ-7HPR vulnerabilities

Vulnerabilities for packages: age-fips, grafana-alloy, seaweedfs, ory-kratos, crossplane-provider-sql-fips, kyverno-policy-reporter, kots, openbao, tkn-fips, sftpgo-plugin-eventstore, openfga-fips, dbmate, fulcio, reports-server, mattermost-fips, sqlexporter, terragrunt-fips, beats-fips,...

GHSA-FW7P-63QQ-7HPR vulnerabilities

Vulnerabilities for packages: croc, apko, keda, juicefs, openbao, spicedb, flux-kustomize-controller, telegraf, sops, temporal, temporal-server, nri-mysql, gitea, grafana-alloy, certificate-transparency, crossplane-provider-sql, tailscale, trufflehog, amass, kyverno, age, minio, step-ca, kine,...

CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

CVE-2020-7233

KMS Controls BAC-A1616BC BACnet devices have a cleartext password of snowman in the BACKDOORNAME variable in the BCLogon.swf file...

avalanche-config-installer (>=0.2.36 <=0.2.43), avalanche-installer (>=0.0.18 <=0.0.32) +14 more potentially affected by unknown CVE via aws-sdk-kms (>=0.10.1 <=0.26.0)

aws-sdk-kms CARGO version =0.10.1, =0.2.36, =0.0.18, =0.0.42, =0.0.24, =0.0.1, =0.4.0, =0.0.0, =0.0.46, =0.2.0, =0.1.0, =0.68.0, =0.4.0, =0.5.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...

Linux Distros Unpatched Vulnerability : CVE-2022-50875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - of: overlay: fix null pointer dereferencing in finddupcsetnodeentry and finddupcsetprop When kmalloc fail to allocate memory in kasprintf, fn1 or fn2 will be...

Unity Linux 20.1060e Security Update: kernel (UTSA-2025-992581)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992581 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drmclientmodesetprobe When a new mode is set to modeset-mode, the...

Linux Distros Unpatched Vulnerability : CVE-2023-54263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/nouveau/kms/nv50-: init hpdirqlock for PIOR DP Fixes OOPS on boards with ANX9805 DP encoders. CVE-2023-54263 Note that Nessus relies on the presence of the...

SUSE CVE-2023-54138

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

EUVD-2025-203794

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check NULL before accessing WHAT IGT kmscursorlegacy's long-nonblocking-modeset-vs-cursor-atomic fails with NULL pointer dereference. This can be reproduced with both an eDP panel and a DP monitors connected. BUG...