Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: soc: qcom: smsmm: Fixed refcount leaks in qcomsmsmprobe There are two refcount leaks in qcomsmsmprobe: 1 The localnode variable is escaped from foreachchildofnode at the end of the iteration. We should call ofnodeput for it in...

CVE-2022-50703 soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: smsm: Fix refcount leak bugs in qcomsmsmprobe There are two refcount leak bugs in qcomsmsmprobe: 1 The 'localnode' is escaped out from foreachchildofnode as the break of iteration, we should call ofnodeput for it in...

PT-2025-52284

Name of the Vulnerable Software and Affected Versions free5GC version 4.1.0 Description An issue exists in the LocalNode.Sess function that could allow attackers to cause a denial of service or other unspecified impacts. This can occur through a crafted header, specifically the Local SEID, within...

free5GC 安全漏洞

free5GC is a 5th Generation 5G mobile core network open source project by free5GC Open Source. A security vulnerability exists in free5GC version 4.1.0, which stems from an issue with the handling of specially crafted headers by the LocalNode.Sess function, which could result in a denial of servi...

EUVD-2025-111701

Malicious code in link-local-node-sass-puppeteer npm...

SUSE-SU-2025:3744-1 Security update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov, python-pytest-html, python-pytest-metadata, python-pytest-mock

This update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov, python-pytest-html, python-pytest-metadata, python-pytest-mock contains the following fixes: Changes in aws-cli: - Update to 1.33.26...

Malicious code in decoupled-local-node-rig (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 25f0aee1e117152ac6f4bf01df0fc766d85a482953feea9fdece74e016a3cc65 The OpenSSF Package Analysis project identified...

DEBIAN-CVE-2025-1767

This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remai...

Malicious code in local-node-rig (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c27eabc498de725ddfd8be17bff9aec9e4dacaef2050fde05ab89943a28a115 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8959 Malicious code in local-node-rig (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c27eabc498de725ddfd8be17bff9aec9e4dacaef2050fde05ab89943a28a115 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...