Batch Me If You Can: Coverage-Guided RPKI Fuzzing at Scale

The Resource Public Key Infrastructure RPKI has become essential to secure inter-domain routing. Despite its critical role, RPKI software remains largely untested beyond shallow parsing. Existing fuzzers, like AFL++ or libFuzzer, do not work well for RPKI as they assume a single, self-contained...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevents concurrent access to the IPSec ASO context. The querying or updating of IPSec offload objects occurs through the Access ASO WQE. The driver uses a single mlx5eipsecaso structure for each PF, which contains a...

CVE-2026-41564

CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking. The Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC, Crypt::PK::Ed25519 and Crypt::PK::X25519 modules seed a per-object PRNG state in their constructors and reuse it without fork detection. A...

PT-2026-34646

Name of the Vulnerable Software and Affected Versions CryptX versions prior to 0.088 Description CryptX for Perl fails to reseed the Crypt::PK Pseudo-Random Number Generator PRNG state after a fork operation. The modules Crypt::PK::RSA, Crypt::PK::DSA, Crypt::PK::DH, Crypt::PK::ECC,...

SUSE CVE-2026-23441

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5eipsecaso struct for each PF, which contains a shared DMA-mapped context...

EUVD-2026-18682

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5eipsecaso struct for each PF, which contains a shared DMA-mapped context...

CVE-2026-23441

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5eipsecaso struct for each PF, which contains a shared DMA-mapped context...

CVE-2026-23441

CVE-2026-23441 is a Linux kernel vulnerability in the net/mlx5e driver. The issue is a race condition where the ASO spinlock is released before the hardware finishes processing a WQE, causing a second operation to overwrite a shared DMA context. The fix introduces a private per-object IPSec ASO c...

CVE-2026-23441 net/mlx5e: Prevent concurrent access to IPSec ASO context

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5eipsecaso struct for each PF, which contains a shared DMA-mapped context...

CVE-2026-23441

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5eipsecaso struct for each PF, which contains a shared DMA-mapped context...

PT-2026-30136

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent concurrent access to IPSec ASO context The query or updating IPSec offload object is through Access ASO WQE. The driver uses a single mlx5e ipsec aso struct for each PF, which contains a shared DMA-mapped conte...

GO-2026-4595 Non-recursive certificate listing bypasses per-object authorization and leaks all fingerprints in github.com/canonical/lxd

Non-recursive certificate listing bypasses per-object authorization and leaks all fingerprints in github.com/canonical/lxd...

PT-2026-23821

We at Tachyon found an auth bypass in MLflow https://tachyon.so/blog/cve-2025-14297-mlflow-authorization-bypass: 1. Black-box scanners would need to discover the right users, roles, and state transitions, then generate specific request sequences that trigger a gap: a combinatorial problem that...

The API Battleground: Why APIs are the new frontline—and how to stop the stealthiest attacks

APIs used to be the quiet backstage crew that made apps feel magical. Now attackers have learned the script — they walk onstage, deliver perfectly polite lines, and walk off with the props. In H1 2025 Imperva observed 40,000+ API incidents across 4,000+ monitored environments , including an...

[SECURITY] Fedora 34 Update: rust-thread_local-1.1.4-1.fc34

Per-object thread-local storage...

Fedora: Security Advisory for rust-thread_local (FEDORA-2022-c4071e3dc7)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: rust-thread_local-1.1.4-1.fc35

Per-object thread-local storage...