Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: IB/hfi1: Fixed bugs related to non-PAGESIZE-end multi-iovec user SDMA requests. The processing of hfi1 user SDMA requests contains two bugs that can cause data corruption for user SDMA requests with multiple payload iovecs. In...

CVE-2026-31588

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use scratch field in MMIO fragment to hold small write values When exiting to userspace to service an emulated MMIO write, copy the to-be-written value to a scratch field in the MMIO fragment if the size of the data...

CVE-2026-31588 KVM: x86: Use scratch field in MMIO fragment to hold small write values

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use scratch field in MMIO fragment to hold small write values When exiting to userspace to service an emulated MMIO write, copy the to-be-written value to a scratch field in the MMIO fragment if the size of the data...

CVE-2026-28386

A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service DoS. This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequen...

EUVD-2026-19958

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the AES-CFB-128 process on x86-64 systems with AVX-512 and VAES support when processing partial cipher blocks. An attacker can cause a crash and application termination by providing input buffers that end at a memo...

DEBIAN-CVE-2026-28386

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

CVE-2026-28386

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

PT-2026-31035

Name of the Vulnerable Software and Affected Versions OpenSSL FIPS Module version 3.6 Description Applications utilizing AES-CFB128 encryption or decryption on systems equipped with AVX-512 and VAES support may experience an out-of-bounds read of up to 15 bytes when handling partial cipher blocks...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003029)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003029 advisory. A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001908)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001908 advisory. The clearuser function in arch/arm64/lib/clearuser.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service system...

EUVD-2021-1732

Malware in sbrugna...

CVE-2019-15550

An issue was discovered in the simd-json crate before 0.1.15 for Rust. There is an out-of-bounds read and an incorrect crossing of a page boundary...

UBUNTU-CVE-2024-50250

In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...

CVE-2024-50250

The CVE-2024-50250 issue affects the Linux kernel fsdax code: dax_unshare_iter copies data from srcmap to iomap and previously did not align copy_pos/copy_len to a page boundary, allowing misalignment when iter->pos and length are not page-aligned. The bug can cause data corruption (when iter-...

kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."

A vulnerability was found in the Linux kernel's ACPICA component, where improper handling of memory mappings can lead to a NULL pointer dereference. This issue arises when mapping requests exceed page boundaries, resulting in attempts to access unmapped memory...

CVE-2022-48795

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix data TLB miss in sbaunmapsg Rolf Eike Beer reported the following bug: 1274934.746891 Bad Address null pointer deref?: Code=15 Data TLB miss fault at addr 0000004140000018 1274934.746891 CPU: 3 PID: 5549 Comm: cmake N...

CVE-2022-48795 parisc: Fix data TLB miss in sba_unmap_sg

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix data TLB miss in sbaunmapsg Rolf Eike Beer reported the following bug: 1274934.746891 Bad Address null pointer deref?: Code=15 Data TLB miss fault at addr 0000004140000018 1274934.746891 CPU: 3 PID: 5549 Comm: cmake N...

CVE-2022-48795

CVE-2022-48795 maps to a PA-RISC Linux kernel issue: overrunning sglist in sba_unmap_sg caused a Data TLB miss and null-pointer dereference, leading to a kernel panic. The root cause was testing sg_dma_len(sglist) before confirming remaining entries (nents), which could cross a page boundary and ...

DEBIAN-CVE-2024-35826

In the Linux kernel, the following vulnerability has been resolved: block: Fix page refcounts for unaligned buffers in bioreleasepages Fix an incorrect number of pages being released for buffers that do not start at the beginning of a page...