Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Ensure that pages are unlocked in case of a failure in cowfilerange. There is a hangtask report for zoned btrfs as follows: https://github.com/naota/linux/issues/59 726.328648 INFO: Task rocksdb:high0:11085 blocked for...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/mseal: The end of the current VMA was correctly updated during merging. Previously, we stored the end of the current VMA in currend. When moving to the next VMA, we updated currstart to currend to proceed to the next VMA...

Astra Linux – Vulnerability in Firefox and Thunderbird

A malicious website could have learned the size of a cross-origin resource that supported Range requests. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: iommu/arm-smmu-v3: Fixed the soft lockup triggered by armsmmumminvalidaterange. When running an SVA case, the following soft lockup is triggered: -------------------------------------------------------------------- watchdog:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/amdnb: The function amdgetmmconfigrange uses rdmsrsafe, which should not be used without proper safeguards. Xen does not provide the MSRFAM10HMMIOCONFbase to all guests. This results in the following warning: Unchecked MSR...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Protection against integer overflows for stack access sizes This patch reintroduces protection against access to stack memory having a negative value. The access size can appear negative due to overflow in its signed integer...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: A infinite loop occurs when replaying fastcommit. When performing a fastcommit replay, an infinite loop may occur due to an uninitialized extentstatus structure. The ext4extdetermineinserthole function does not detect this...

Astra Linux – Vulnerability in node-semver

Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service ReDoS via the function new Range, when untrusted user data is provided as a range...

OESA-2026-2188 uriparser security update

The package is a strictly RFC 3986 compliant URI parsing library written in C89"ANSI C". uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. There are a number of applications, libraries and hardware using uriparser, as well as bindings and 3rd-party...

l4ki-TooL

TCP Port Scanner A simple Python tool that scans TCP ports on...

PT-2026-36614

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Description A NULL pointer dereference occurs in the IEEE 802.11 protocol dissector, which can lead to a crash of the application. Recommendations At the moment, there is no information about a newer...

CVE-2026-42786

Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The fragment reassembly path in 'Elixir.Bandit.WebSocket.Connection':handleframe/3 in lib/bandit/websocket/connection.ex appends every incomi...

CVE-2026-31729

A flaw was found in the Linux kernel's USB Type-C Unified Connector and Switch Interface UCSI module. A malicious or malfunctioning USB Type-C device could report an out-of-range connector number in the Configuration and Capability Information CCI. This could lead to an out-of-bounds array access...

CVE-2026-31718

A flaw was found in ksmbd, the in-kernel SMB3 server for Linux. This vulnerability arises from an asymmetric cleanup process when a durable file handle survives a session disconnect. Specifically, byte-range locks are not properly cleared, leading to a 'use-after-free' error when the durable...

EUVD-2026-26702

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

CVE-2026-35233

An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range shlink field. When root-level dtrace attaches to -- or instruments -- that process via dtrace -p , pid probes, or USDT, the ELF parser reads heap memory beyond the allocated section cach...

CVE-2026-35233

CVE-2026-35233 is active in the Oracle Linux dtrace subsystem. An unprivileged user can craft a binary with an out-of-range sh_link, enabling an ELF parser to read memory beyond the allocated section cache due to missing bounds checks during object symbol table construction. This can cause a NULL...

CVE-2026-43506

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections...

CVE-2026-43030

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsafe for pointers to packet In case rold-reg-range == BEYONDPKTEND && rcur-reg-range == N regsafe may return true which may lead to current state with valid packet range not being explored. Fix the bug...