Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of clear-key structures in case of failure. Wipe all sensitive data from the stack for all IOCTLs that convert a clear-key into a protected-or-secure-key...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fixed legacy IPoIB issues due to an incorrect number of queues. The referenced commit creates child PKEY interfaces through netlink, which involve multiple TX and RX queues. However, some devices do not support more tha...

PT-2026-41874

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer underflow exists in the mpi read raw from sgl function. This occurs when the number of leading zeros in a scatterlist exceeds the nbytes parameter, causing an underflow during...

Astra Linux - уязвимость в openssl

Issue Summary: Generating excessively long X9.42 DH keys or checking overly long X9.42 DH keys or parameters can be very slow. Applications that use functions like DHgeneratekey to generate an X9.42 DH key may experience prolonged delays. Similarly, applications that use DHcheckpubkey,...

Astra Linux - уязвимость в openssl

Issue summary: Checking excessively long DH keys or parameters can be very slow. Applications that use functions such as DHcheck, DHcheckex, or EVPPKEYparamcheck to check DH keys or parameters may experience prolonged delays. If the keys or parameters being checked were obtained from an untrusted...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser fails...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Use kfreesensitive to fix Coccinelle warnings Replace memzeroexplicit and kfree with kfreesensitive to fix warnings reported by Coccinelle: WARNING opportunity for kfreesensitive/kvfreesensitive line 1506 WARNING...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size calculation for memdupuser Number of apqn target list entries contained in 'nrapqns' variable is determined by userspace via an ioctl call so the result of the product in calculation of size...

CVE-2026-39421 MaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotect

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

CVE-2026-39421 MaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotect

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

UBUNTU-CVE-2026-31790

Issue summary: Applications using RSASVE key encapsulation to establish a secret encryption key can send contents of an uninitialized memory buffer to a malicious peer. Impact summary: The uninitialized buffer might contain sensitive data from the previous execution of the application process whi...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38257)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38257 advisory. - In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Prevent overflow in size...

MiracleLinux 8 : openssl-1.1.1c-15.el8 (AXSA:2020-289:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-289:02 advisory. openssl: side-channel weak encryption vulnerability CVE-2019-1547 openssl: information disclosure in fork CVE-2019-1549 openssl: information disclosu...

SUSE-SU-2026:0090-1 Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.97 fixes various security issues The following security issues were fixed: - CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading bsc1251984. - CVE-2025-38257: s390/pkey: prevent overflow in size calculation...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990297)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990297 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989894)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989894 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986548)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986548 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe sensitive data on failure Wipe sensitive data from stack also if the copytouser...

CVE-2022-50472 IB/mad: Don't call to function that might sleep while in atomic context

In the Linux kernel, the following vulnerability has been resolved: IB/mad: Don't call to function that might sleep while in atomic context Tracepoints are not allowed to sleep, as such the following splat is generated due to call to ibquerypkey in atomic context. WARNING: CPU: 0 PID: 1888000 at...

PT-2025-40659

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.18.0-305.3.1.el8 Description The Linux kernel contained a flaw within the IB/mad component where a function that could potentially sleep was being called while in an atomic context. This could lead to a system...