168 matches found
Astra Linux – Vulnerability in Linux
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through version 5.9.13. Files drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a read-after-free attack on TIOCGSID, also known as CID-c8bcd9c5be24...
CVE-2026-10639 Use-after-free reading `net_pkt_iface()` of a sent ICMPv4 echo-reply packet in `icmpv4_handle_echo_request()`
In Zephyr's native IPv4 stack, icmpv4handleechorequest in subsys/net/ip/icmpv4.c builds an echo-reply packet reply, hands it to nettrysenddata, and then, on success, calls netstatsupdateicmpsentnetpktifacereply. nettrysenddata transfers ownership of reply to the TX path netiftryqueuetx - netiftx ...
OSV-2026-907 Heap-use-after-free in gf_sg_route_del
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=523017644 Crash type: Heap-use-after-free READ 8 Crash state: gfsgroutedel gfsgreset gfsgdel...
CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities
HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...
Google Pixel 安全漏洞
The Google Pixel is a smartphone produced by Google Inc. The Google Pixel has a security vulnerability, which stems from a race condition that leads to the reuse of a read operation after deallocation, potentially resulting in the disclosure of local information...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4xattrinodedecrefall' we should ignore xattrs entries past the 'end' entry. This fixes the following KASAN reported issue:...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004654)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004654 advisory. A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004082)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004082 advisory. A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001350)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001350 advisory. A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath12k: Fixed the issue where a read pointer was accessed after freeing memory in ath12kmacassignviftovdev. In ath12kmacassignviftovdev, if the arvif object is created on a different radio, it is deleted from that radio...
EUVD-2025-124915
In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in smcclcprfxmatch. smcclcprfxmatch is called from smclistenwork and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the returned value o...
kernel: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12kmacassignviftovdev In ath12kmacassignviftovdev, if arvif is created on a different radio, it gets deleted from that radio through a call to ath12kmacunassignlinkvif. This action...
kernel: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12kmacassignviftovdev In ath12kmacassignviftovdev, if arvif is created on a different radio, it gets deleted from that radio through a call to ath12kmacunassignlinkvif. This action...
EUVD-2017-16004
Malware in sbrugna...
EUVD-2018-13602
Malware in sbrugna...
EUVD-2011-2984
Malware in sbrugna...
EUVD-2011-3045
Malware in sbrugna...
EUVD-2020-22018
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414541)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414541 advisory. A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget...
EUVD-2025-5250
Malicious code in bioql PyPI...