PT-2026-46991

Summary The kubectl generic tool in mcp-server-kubernetes passes user-supplied flags directly to kubectl without any allowlist, enabling a privilege escalation attack within Kubernetes environments. An attacker who already has limited cluster or codebase access, for example, a developer with...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi – avoid null pointer dereference in mpicmpui During NVMeTCP authentication, a controller can trigger a kernel oops by specifying the 8192-bit Diffie Hellman group and passing a correctly sized, but zeroed Diffie...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: Intel: punitipc – fixed memory corruption. This issue was addressed by correcting the address of the pointer “&punitipcdev” when the intent was to pass the pointer itself “punitipcdev” without the ampersand. This...

CVE-2025-33255

NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure...

EUVD-2025-209903

NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure...

PT-2026-42087

Name of the Vulnerable Software and Affected Versions NVIDIA TRT-LLM affected versions not specified Description A flaw in the MPI server allows an attacker to trigger unsafe deserialization. This process, which involves converting data from a stream back into an object, can be manipulated to...

NVIDIA TRT-LLM 代码问题漏洞

NVIDIA TRT-LM is a high-performance inference framework developed by NVIDIA Corporation for optimizing the inference acceleration and deployment of large language models. NVIDIA TRT-LM has code-related vulnerabilities, which stem from insecure deserialization in the MPI server. These...

PT-2026-40628

Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP MSP::loop, AP MSP, AP MSP.cpp components...

CVE-2026-43473

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when the reply and request queues were NULL due to freed memory. This issue occurred when the creation o...

CVE-2026-43058

A flaw was found in the Linux kernel's vidtv media component. This issue arises from functions incorrectly passing data structures by value, which can lead to MemorySanitizer MSAN reporting uninitialized value warnings. Such warnings indicate a risk of memory corruption or undefined behavior, whi...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006654)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006654 advisory. In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call timer start racing with call destruction The rxrpccall struct has a timer used to...

[SECURITY] Fedora 43 Update: vtk-9.2.6-44.fc43

VTK is an open-source software system for image processing, 3D graphics, volume rendering and visualization. VTK includes many advanced algorithms e.g., surface reconstruction, implicit modeling, decimation and rendering techniques e.g., hardware-accelerated volume rendering, LOD control. NOTE: T...

[SECURITY] Fedora 42 Update: vtk-9.2.6-38.fc42

VTK is an open-source software system for image processing, 3D graphics, volume rendering and visualization. VTK includes many advanced algorithms e.g., surface reconstruction, implicit modeling, decimation and rendering techniques e.g., hardware-accelerated volume rendering, LOD control. NOTE: T...

CVE-2025-47388

Memory corruption while passing pages to DSP with an unaligned starting address...

CVE-2025-47388

Memory corruption while passing pages to DSP with an unaligned starting address...

PT-2025-53238

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5 Description The Linux kernel contains a flaw in the unix stream sendpage function related to a null-pointer dereference. This issue arises when handling sockets in a loop, potentially leading to a...

AZL-72634 CVE-2025-68303 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punitipc: fix memory corruption This passes the address of the pointer "&punitipcdev" when the intent was to pass the pointer itself "punitipcdev" without the ampersand. This means that the:...

UBUNTU-CVE-2025-68303

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel: punitipc: fix memory corruption This passes the address of the pointer "&punitipcdev" when the intent was to pass the pointer itself "punitipcdev" without the ampersand. This means that the:...

PT-2025-51707

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue exists in the Linux kernel related to Intel Punit IPC functionality. The code incorrectly passes the address of a pointer instead of the pointer itself to a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from mpicmpui not handling zero-value comparisons correctly, which could lead to a null pointer dereference...