CVE-2026-40466

A flaw was found in Apache ActiveMQ. An authenticated attacker can bypass a previous security fix by adding a connector using an HTTP Discovery transport through Jolokia, if the activemq-http module is present. A malicious HTTP endpoint can return a virtual machine VM transport, which allows the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifssysfsinit When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff88817fb1a780 size 8: comm "insmod", pid 25265, jiffies 4295239702 age 100.130s hex dump first 8 bytes: 75 62 6...

Astra Linux - уязвимость в bind9

If a server hosts a zone containing a “KEY” Resource Record, or if a resolver validates a “KEY” Resource Record from a DNSSEC-signed domain in its cache, a client can exhaust resolver CPU resources by sending a stream of SIG0 signed requests. This issue affects BIND 9 versions 9.0.0 through...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: Errata: Add a workaround for speculative unprivileged loads on Cortex-A520. Implement the workaround according to erratum 2966298 for ARM Cortex-A520. On an affected Cortex-A520 core, a speculative unprivileged load may le...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipprotsock. sysctlipprotsock is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ipvsappnetcleanup During the initialization of ipvsappnetinit, if file ipvsapp fails to be created, the initialization is successful by default. Therefore, the ipvsapp file doesn't be found during the remove ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: erofs: Avoid infinite loops caused by corrupted subpage compact indexes. Robert reported an infinite loop observed in two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed potential improper dereferencing of pointers in bpfsysbpf The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case, the argument union bpfattr pointer along...

Astra Linux - уязвимость в ffmpeg, ffmpeg5

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec – Fix for memory leak in the fdt buffer This issue was reported by the kmemleak detector: Unreferenced object: 0xff60000082864000 size 9588 The details are as follows: bash comm "kexec", pid 146, jiffies 4294900634...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: arm64: probes: Removed the broken LDR literal uprobe support. The simulateldrliteral and simulateldrswliteral functions are unsafe to use for uprobes. Both functions were originally designed for use with kprobes, and accessed...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: orangefs: The issue in kmemleak in orangefspreparedebugfshelpstring has been fixed. When inserting or removing the orangefs module, the debughelpstring variable may be leaked: - Unreferenced object: 0xffff8881652ba000 size 4096 -...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix loading 64-bit NOMMU kernels past the start of RAM commit 3335068f8721 "riscv: Use PUD/P4D/PGD pages for the linear mapping" added logic to allow using RAM below the kernel load address. However, this does not work for...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: sshcss: Fix a null-pointer dereference in loadvideobinaries The allocation failure of mycs-yuvscalerbinary in loadvideobinaries is followed with a dereference of mycs-yuvscalerbinary after the following call chain...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fixed a crash that occurred during module load/unload tests. During purex packet handling, the driver incorrectly freed a pre-allocated structure. This issue was fixed by skipping that entry. The system crashed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs Gen 2 Hyper-V VMs boot via EFI and have a standard EFI framebuffer device. When the kdump kernel runs in such a VM, loading the efifb driver may hang because of...

Astra Linux - уязвимость в htmldoc

A security issue has been identified in htmldoc v1.9.12 and earlier versions. A NULL pointer dereferencing in the function imageloadjpeg in image.cxx may lead to a denial of service...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: vmxnet3: Fixed malformed packet sizes in vmxnet3processxdp. The XDP handling of the vmxnet3 driver is buggy for packet sizes using ring0 i.e., packet sizes between 128 and 3k bytes. We observed connectivity issues related to M...

Astra Linux - уязвимость в libstb

stbimage.h 2.27 contains a heap-based buffer within stbijpegload, which can lead to information disclosure or denial of service...

Astra Linux - уязвимость в qemu

An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...