SUSE CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

CLSA-2026-1777941528 openssh: Fix of CVE-2026-35385

CVE-2026-35385: fix scp legacy protocol receiver to clear setuid/setgid bits from downloaded files when -p preserve mode is not set...

CVE-2026-33857

Out-of-bounds Read vulnerability in modproxyajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

UBUNTU-CVE-2026-33857

Out-of-bounds Read vulnerability in modproxyajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

CVE-2026-33857 Apache HTTP Server: Off-by-one OOB reads in AJP getter functions

Out-of-bounds Read vulnerability in modproxyajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

CVE-2026-33857

CVE-2026-33857 concerns the Apache HTTP Server, specifically the mod_proxy_ajp component, with an out-of-bounds read in AJP getter functions affecting versions up to 2.4.66. Upgrading to version 2.4.67 is the documented fix. The available connected sources confirm the affected product, the vulner...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7925: fixed an off-by-one issue in mt7925mcuhwscan. The ssid-ssids and sreq-ssids arrays contain elements with the value MT7925RNRSCANMAXBSSIDS; therefore, this value should be set to a larger value to prevent...

Astra Linux - уязвимость в mongo-c-driver

Some MongoDB drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. These published events may contain security-sensitive data when specific authentication-related commands are executed. Without proper care, an application...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfpendingtask UaF According to syzbot, it is possible for perfpendingtask to continue running after the event has been freed. There are two related but distinct cases: - The taskwork was already queued before the even...

Astra Linux - уязвимость в libarchive

A vulnerability has been identified in the libarchive library. This flaw involves an “off-by-one” calculation error when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. Although seemingly minor, such an overflow can corrupt adjacent memory, resulting in...

Astra Linux - уязвимость в glibc

A flaw was discovered in glibc. A “off-by-one” buffer overflow and underflow in the getcwd function may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and the size passed to getcwd in a setuid program could exploit this flaw t...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: hi3110canist: fixed the potential use-after-free issue. The commit a22bd630cfff “can: hi311x: do not report txerr and rxerr during bus-off” removed the reporting of rxerr and txerr even in cases where the system...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Issues in mpi3mrgetalltgtinfo have been fixed. The function mpi3mrgetalltgtinfo has four issues: 1. It calculates the valid entry length in alltgtinfo assuming that the header part of the struct mpi3mrdevicemapin...

Astra Linux - уязвимость в apache2

Apache HTTP Server versions 2.4.39 to 2.4.46: unexpected matching behavior with "MergeSlashes OFF"...

Astra Linux - уязвимость в wpa

The implementation of PEAP in wpasupplicant through version 2.10 allows for authentication bypass. To successfully carry out this attack, wpasupplicant must be configured to not verify the network’s TLS certificate during Phase 1 authentication. Additionally, the eappepeapdecrypt vulnerability ca...

Astra Linux - уязвимость в gnutls28

A heap-buffer-overflow off-by-one flaw was discovered in the GnuTLS software during the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption a...

Linux Distros Unpatched Vulnerability : CVE-2026-43036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1...

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

CVE-2026-43036 net: use skb_header_pointer() for TCPv4 GSO frag_off check

In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...