37 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: vsock: Fixed lock inversion in vsockassigntransport. Syzbot reported a potential lock inversion deadlock between vsockregistermutex and sklock-AFVSOCK when vsocklinger is called. This issue was introduced in commit 687aa0c5581...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: libceph: The calctarget function should set t-paused instead of simply clearing it. Currently, calctarget clears t-paused if the request should no longer be paused, but it never sets t-paused even though it can determine when the...
EUVD-2026-21742
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...
CVE-2026-40396
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...
CVE-2026-40396
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...
UBUNTU-CVE-2026-40396
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...
CVE-2026-40396
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...
CVE-2026-40396
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...
CVE-2026-40396
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...
CVE-2026-40396
Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...
CVE-2026-40396
Varnish Cache 9 prior to 9.0.1 is affected by a workspace overflow DoS (daemon panic) that can be triggered by a malicious HTTP/1 request sequence: after timeout_linger releases a worker thread, resuming traffic with multiple requests before the session closes (timeout_idle) can cause a pipelinin...
Varnish Cache 安全漏洞
Varnish Cache is a set of reverse website caching servers developed by the Varnish company. Versions of Varnish Cache prior to 9.0.1 contained security vulnerabilities. These vulnerabilities stemmed from a situation where, after a timeoutlinger period, malicious clients might send HTTP/1 requests...
PT-2026-32185
Name of the Vulnerable Software and Affected Versions Varnish Cache versions prior to 9.0.1 Description Varnish Cache 9 before 9.0.1 is susceptible to a denial of service due to a workspace overflow, potentially leading to a daemon panic. A malicious client can exploit this by sending an HTTP/1...
SUSE CVE-2026-23047
In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...
CVE-2026-23047
In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...
UBUNTU-CVE-2026-23047
In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...
CVE-2026-23047
In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...
CVE-2026-23047 libceph: make calc_target() set t->paused, not just clear it
In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...
CVE-2026-23047
In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...
EUVD-2026-5500
In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...