17332 matches found
CVE-2026-44392
Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may be executed...
Astra Linux - уязвимость в linux-5.15, linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Do not ignore the genmask when looking up a chain by its ID. When adding a rule to a chain whose ID is referenced, if that chain has been deleted in the same batch, the rule might end up referencing a deleted...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tls: fixed handling of zero-length records in the rxlist. Each recvmsg call must process either: - only contiguous DATA records any number of them - one non-DATA record If the next record has a different type than those that...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fixed a potential VPE leak upon error. In itsvpeirqdomainalloc, when itsvpeinit returns an error, there is an off-by-one error in the number of VPEs that need to be freed. This issue was fixed by simply passin...
Astra Linux - уязвимость в webkit2gtk
The issue was resolved through improved memory handling. This issue is fixed in Safari 17.3, iOS 16.7.5, and iPadOS 16.7.5; iOS 17.3, and iPadOS 17.3; macOS Sonoma 14.3; tvOS 17.3; and watchOS 10.3. Processing web content may lead to arbitrary code execution...
Astra Linux - уязвимость в libde265
A buffer overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code through the SAO Sample Adaptive Offset processing of libde265...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when it reaches high temperatures. With certain high GPU loads, it is possible to reach the critical hardware shutdown...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Bug: Null pointer dereferencing in GRO. We observed a null pointer dereferencing in fougroreceive while shutting down a host. 0 The NULL pointer is sk-skuserdata, and the offset 8 represents the protocol field in the struct fou...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Net: tun: Update napi-skb after the XDP process. The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fixed handling of partial GPU mapping of BOs. This commit fixes the bug in the handling of partial mapping of buffer objects to the GPU, which caused kernel warnings. Panthor did not correctly handle cases where the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: lib/crypto: arm/poly1305 – Fixed register corruption in no-SIMD contexts. Restored the SIMD usability check that was removed with commit 773426f4771b “crypto: arm/poly1305 – Added block-only interface”. This safety check is...
Astra Linux - уязвимость в webkit2gtk
The issue was resolved through improved bounds checks. This issue has been fixed in tvOS 15.6, watchOS 8.7, iOS 15.6, and iPadOS 15.6, macOS Monterey 12.5, and Safari 15.6. Processing web content may lead to arbitrary code execution...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint, the netlink PM traverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multiple instances are created or destroyed, many interrupts occur, and structures related to the decoder are removed. The struct vpuinstance structure is...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: jbd2: Softlockup has been prevented in jbd2logdocheckpoint. Both jbd2logdocheckpoint and jbd2journalshrinkcheckpointlist periodically release the jlistlock after processing a batch of buffers to avoid long periods of lock...
Astra Linux - уязвимость в qemu
In QEMU versions up to 5.0.0, an assertion failure can occur during network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could exploit this flaw to terminate the QEMU process on the host, resulting in a denial-of-service condition in...
Astra Linux - уязвимость в webkit2gtk
The issue was addressed through improved checks. This issue has been fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Media: Platform: MediTech: VPU: Fix for NULL pointer dereferencing If pdev is NULL, it is still dereferenced. This fixes the “match warning” issue. Location: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 – vpuloadfirmware...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Fix handling of zero block length packets When connecting to a Linux host with CDCNCMNTBDEFSIZETX set to 65536, it was observed that we receive short packets, which sometimes occur at intervals of 5–10 seconds...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed handling of connection failures In cases where immediate MPA Memory-Purposed Allocation request processing fails, the newly created endpoint unlinks from the listening endpoint and becomes ready to be dropped. Thi...