samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

UBUNTU-CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

EUVD-2026-32792

In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace period. So, either in an RCU call or after the synchronizenet. The...

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

CVE-2026-2340

Samba CVE-2026-2340 affects the vfs_worm module. The issue arises from insufficient validation during rename operations, allowing an authenticated user with write access to a share to overwrite a WORM-protected file by renaming a newly created file over the existing protected file. Impact details...

CVE-2026-2340

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

WORM vfs module does not block overwrites

Description The vfsworm module is intended to make files immutable over SMB a short time after they are created. The time window in which they are writable is configurable, defaulting to one hour. The hook that handles renames was checking that the file being renamed was still mutable, but it was...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: Intel: avs: Disabling period-elapsed work when closing PCM The avsdaifeshutdown function handles the shutdown procedure for the HOST HAudio stream. Period-elapsed work processes its IRQs. Since the former frees the DAI’s...

Astra Linux - уязвимость в golang-github-golang-jwt-jwt

golang-jwt is a Go implementation of JSON Web Tokens. Starting from version 3.2.0 and before versions 5.2.2 and 4.5.2, the parse.ParseUnverified function splits its argument which contains untrusted data using periods. As a result, in the case of a malicious request where the Authorization header...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Deferred sub-object cleanup in export put callbacks The svcexportput function calls pathput and authdomainput immediately when the last reference is dropped, before the RCU grace period. RCU readers in eshow and cshow...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fixed an issue where PCM OSS buffer allocation might overflow. We have received reports of situations where INTMAX is exceeded during memory allocation using vmalloc. This issue occurs when the sndpcmplugalloc function...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a UAF Use-after-Allocation issue by correcting mismatching between the bpfprog/attachment and tasks-trace-RCU grace periods. Uprobes always use bpfprogrunarrayuprobe under the protection of tasks-trace-RCU. However, it...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mctp: Route lookups are performed under a RCU read-side lock. Our current route lookups mctproutelookup and mctproutelookupnull traverse the network’s route list without holding the RCU read lock. This means that the route lookup...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/xe: Ensure that dma-fences comply with safe access rules. The xe mechanism can free some of the data pointed to by the dma-fences it exports. Notably, the “timeline name” can be freed if the user space closes the associate...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that the sfqperturbperiod does not currently have a range check. This could lead to a race condition, which has been fixed in a separate patch. We want to ensur...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Fixed the issue of “use-after-free” in removenhgrpentry. When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer, and then immediately frees the removed entry’s percpu sta...

SUSE CVE-2025-6014

Vault and Vault Enterprise's “Vault” TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23...

CVE-2026-23926

A flaw was found in Zabbix. An authenticated administrator can inject a malicious script into a maintenance period. When another user views the tooltip for this maintenance period in the Host navigator widget, the script executes. This Cross-Site Scripting XSS vulnerability allows the attacker to...

Linux Distros Unpatched Vulnerability : CVE-2026-23926

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated non-super administrator can create a maintenance period with a JavaScript payload that is executed by any user that opens tooltip for that...

Malicious Package

Overview period-newline is a malicious package. This package contains malicious code designed to steal sensitive credentials and establish remote access. While these packages might attempt to impersonate legitimate organizations and popular open-source libraries, there is no connection between...