CVE-2026-24217

NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

CVE-2026-5947

Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state There are several issues with the way the hyp code lazily saves the host’s FPSIMD/SVE state. These include: The host SVE state is unexpectedly discarded due to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: simple-card-utils: Fixed the pointer check in graphutilParseLinkDirectionation. Now, it checks whether the passed pointers are valid before writing to them. This also fixes a USBAN warning: UBSAN: Invalid-load in...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘sched/fair: Make sure to try to detach at least one movable task’” This change is reflected in commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06. The patch modifies the load balancing logic to ignore env.maxloop if all tas...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a combination of JIT blinding and pointers to bpf subprogs. The combination of JIT blinding and pointers to bpf subprogs causes the following issue: 36.989548 BUG: Unable to handle a page fault for address:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Added a null pointer check to attrloadrunsvcn Some metadata files are processed before the MFT. This requires adding a null pointer check for certain corner cases that could lead to NPD when reading these metadata...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fixed the double-free of the elf header buffer. After the patch provided by b3e34a47f989 “x86/kexec: fix memory leak of elf header buffer”, the use of image-elfheaders in the error path of crashloadsegments is no longe...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec – Fix for memory leak in the elf header buffer This issue was reported by the kmemleak detector: Unreferenced object: 0xff2000000403d000 size 4096 Command: “kexec”, PID: 146, Jiffies: 4294900633 age: 64.792 seconds...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: dm: A NULL pointer dereference occurred in dmsuspend. There is a race condition between the suspension of the dm device and the loading of tables, which can lead to a NULL pointer dereference. This issue occurs when the suspensio...

Astra Linux - уязвимость в htmldoc

A buffer under-reading issue based on stacks in the htmldoc before version 1.9.12 allows attackers to cause a denial of service by using a crafted BMP image with the imageloadbmp function...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: prefer nftchainvalidate nftchainvalidate already performs loop detection, as a cycle would result in a call stack overflow ctx-level = NFTJUMPSTACKSIZE. It also follows maps via -validate callback in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007loadencoder In go7007loadencoder, the variable bounce i.e., go-bootfw is allocated without subsequent deallocation. After the following call chain: saa7134go7007init | | - go7007bootencoder |...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: coresight: Holding csfgcsdevlock while removing cscfg from csdev. There may be a race condition related to coresight configuration: CPU0 CPU1 perf enable load module cscfgloadconfigsets Activate configuration. // sysfs sysactivec...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/hisilicon/hibmc: fixed the issue where hibmc loaded failed. When hibmc loaded failed, the driver used hibmcunload to free the resource, but the mutexes in mode.config were not initialized, which would access a NULL pointer...

Astra Linux - уязвимость в gegl

The loadcache function in GEGL before version 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This issue arises due to the use of the system library function for executing the ImageMagick convert fallback in magick-load. NOTE: GEGL versions...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fixed an infinite loop in attrloadrunsrange when there are inconsistencies in metadata. We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service DoS attack. A malformed NTFS image can caus...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: safexcel – Cleanup of ring IRQ workqueues on load failure A failure to load the safexcel driver results in the following warning upon boot, because the IRQ affinity has not been properly cleaned up. Ensure that the...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: padata: The handling of refcnts in padatafreeshell has been fixed. In a high-load arm64 environment, the pcryptaead01 test in LTP can lead to system UAF Use-After-Free issues. Due to the lengthy analysis of the pcryptaead01...

Astra Linux - уязвимость в pyyaml

In PyYAML before version 5.1, the yaml.load API could execute arbitrary code if used with untrusted data. The load function has been deprecated in version 5.1, and the 'UnsafeLoader' has been introduced to maintain backward compatibility with this function...