Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: jffs2: fixed a memory leak in jffs2scanmedium If an error is returned in jffs2scaneraseblock, and some memory is added to the jffs2summary s, we can observe the following kmemleak report:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Zoned – Initialize the zone info of the device for seeding. When performing seeding on a zoned filesystem, it is necessary to initialize the btrfszoneddeviceinfo structure of each zoned device. Otherwise, mounting the...

CVE-2025-71067

The CVE-2025-71067 vulnerability affects the Linux kernel NTFS mounting path where sb->s_blocksize can remain zero when the block size of the block device exceeds PAGE_SIZE, causing ntfs_init_from_boot() to read the boot_block with an undefined/zero blocksize. The issue is triggered during mou...

Virtuozzo Hybrid Infrastructure 6.3 Update 1 Hotfix 3 (6.3.1-133)

This update provides stability fixes and support for cumulative updates. Clusters running version 6.3.1 or later can now upgrade directly to the latest available version in a single step. Vulnerability id: VSTOR-105770 A stability fix for vstorage-mount. Vulnerability id: VSTOR-104585, VSTOR-1065...

EUVD-2022-54690

Malicious code in bioql PyPI...

SUSE-SU-2025:03387-1 Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024141 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc: make hfscqlennotify idempotent bsc1246356. - CVE-2025-38181: calipso: Fix null-ptr-deref in calipsoreqset,delattr bsc1246001. - CVE-2025-38498:...

CVE-2022-50372 cifs: Fix memory leak when build ntlmssp negotiate blob failed

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xffff888166059600 size 448: comm "mount.cifs", pid 51391, jiffies 4295596373 age 330.596s hex dump first ...

Security update for podman

This update for podman fixes the following issues: CVE-2023-45288: Fixed closing connection when receiving too many headers bsc1236507. CVE-2024-11218: Fixed container breakout by using --jobs=2 and a race condition when building a malicious Containerfile bsc1236270. CVE-2025-22869: Fixed Denial ...

SUSE CVE-2022-49381

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2dofillsuper If jffs2iget or dmakeroot in jffs2dofillsuper returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object...

CVE-2022-49277 jffs2: fix memory leak in jffs2_do_mount_fs

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a64...

Important: Red Hat Security Advisory: buildah security update

An update for buildah is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

AZL-54137 CVE-2023-52572 affecting package kernel for versions less than 5.15.182.1-1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifsdemultiplexthread There is a UAF when xfstests on cifs: BUG: KASAN: use-after-free in smb2isnetworknamedeleted+0x27/0x160 Read of size 4 at addr ffff88810103fc08 by task cifsd/923 CPU: 1 PID: 923 Comm: cifsd...

openSUSE Security Update : singularity (openSUSE-2020-1497)

This update for singularity fixes the following issues : New version 3.6.3, addresses the following security issues : - CVE-2020-25039, boo1176705 When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a...

kernel: cifs: always do is_path_accessible check in cifs_mount

The setupcifssb function in fs/cifs/connect.c in the Linux kernel before 2.6.39 does not properly handle DFS referrals, which allows remote CIFS servers to cause a denial of service system crash by placing a referral at the root of a share...