760 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the group parsing process. An attacker can cause memory exhaustion and disrupt the container runtime API by supplying a maliciously crafted image that triggers unbounded parsing,...
Astra Linux – Vulnerability in Linux
A issue was discovered in Xen through version 4.14.x. Some operating systems, such as Linux, FreeBSD, and NetBSD, process watch events using a single thread. If these events are received faster than the thread can handle them, they will be queued up. Since the queue is unbounded, a guest system m...
openSUSE 16 Security Update : polkit (openSUSE-SU-2026:20925-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20925-1 advisory. This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1...
CVE-2026-46321
Summary. CVE-2026-46321 concerns the Linux kernel tun/tap with vhost-net, where a short-frame rejection path in tun_xdp_one() can leak memory pages. Specifically, when a frame is shorter than ETH_HLEN, tun_xdp_one() returns -EINVAL without freeing the page allocated by vhost_net_build_xdp(). tun_...
SUSE-SU-2026:22054-1 Security update for polkit
This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859...
SUSE-SU-2026:22090-1 Security update for polkit
This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1 bsc1260859...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: rxrpc: DATA/RESPONSE packets are also unshared when paged fragments are present. The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb into a linear sequence before calling...
EUVD-2026-32666
Volcano is a Kubernetes-native batch scheduling system. Prior to v1.14.2, v1.13.3, and v1.12.4, the Volcano webhook server does not enforce a size limit on incoming HTTP request bodies. Any in-cluster pod that can reach the webhook endpoint may send an arbitrarily large request body, potentially...
patch-to-exploit
patch-to-exploit Lab + PoC scripts for "30 minutes from patch...
libtiff security update
An update is available for libtiff. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: mm/vmalloc: fixed vmalloc, which may return null if called with GFPNOFAIL. The commit a421ef303008 "mm: allow !GFPKERNEL allocations for kvmalloc" includes support for GFPNOFAIL, but it creates a conflict with the commit...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: x86 – Handling of SRCU initialization failures during page track initialization Check the return value of initsrcustruct, which may fail due to OOM conditions when initializing the page track mechanism. Lack of checking lead...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: block, bfq: do not move oombfqq Our test report a UAF: 2073.019181 ================================================================== 2073.019188 BUG: KASAN: use-after-free in bfqputbfqq+0xa0/0x168 2073.019191 Written a size 8...
CVE-2026-43400 drm/amdgpu: add upper bound check on user inputs in signal ioctl
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpuuserqsignalioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough...
CVE-2026-43398
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...
UBUNTU-CVE-2026-43287
In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...
SUSE-SU-2026:21461-1 Security update for helm
This update for helm fixes the following issues: Update to version 3.20.2. Security issued fixed: - CVE-2025-55199: specially crafted JSON Schema can lead to out of memory OOM termination bsc1248093. - CVE-2026-35206: specially crafted Chart will have contents extracted to immediate output...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: python3 (UTSA-2026-014318)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014318 advisory. When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues Tenable has...
SUSE SLES12 Security Update : polkit (SUSE-SU-2026:1425-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1425-1 advisory. This update for polkit fixes the following issue: - CVE-2026-4897: Fixed possible OOM condition via specially crafted input to polkit-agent-helper-1...
CVE-2026-31420 bridge: mrp: reject zero test interval to avoid OOM panic
In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic brmrpstarttest and brmrpstartintest accept the user-supplied interval value from netlink without validation. When interval is 0, usecstojiffies0 yields 0, causing the...