Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: ti: icssg-prueth: Fix missing data copying and incorrect recycling in ZC RX dispatch. emacdispatchskbzc allocates a new skb using napiallocskb, but never copies the packet data from the XDP buffer into it. The skb is pass...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: Check whether the target buffer list is still of the legacy type during recycling. There is a gap between the time the buffer is acquired and the time it potentially gets recycled. If the bufferlist is empty, someon...

Astra Linux - уязвимость в systemd

It was discovered that a Systemd service that uses the DynamicUser property can obtain new privileges by executing SUID binaries. This allows the service to create binaries belonging to the transient group, with the setgid bit set. A local attacker could exploit this flaw to access resources that...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: skbuff: fixed the coalescing behavior for pagepool fragment recycling. Fixed a use-after-free issue when using pagepool with page fragments. We encountered this problem during normal RX processing in the hns3 driver: 1 Initially,...

CVE-2026-42594

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handler returns ErrAsyncProcess and Echo recycles the context back to its sync.Pool. When a concurrent...

CVE-2026-42594

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handler returns ErrAsyncProcess and Echo recycles the context back to its sync.Pool. When a concurrent...

Gotenberg 竞争条件问题漏洞

Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Versions of Gotenberg prior to 8.32.0 contained a race condition vulnerability. This vulnerability stemmed from the webhook middleware using unchecked type...

SUSE CVE-2026-43366

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...

CVE-2026-43366

A flaw was found in the Linux kernel. A vulnerability exists in the iouring/kbuf component related to buffer recycling. There is a time gap where a buffer list, if empty, could be incorrectly upgraded to a ring-provided type. The legacy recycling mechanism fails to properly check the buffer list'...

CVE-2026-43366

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...

CVE-2026-43366

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...

UBUNTU-CVE-2026-43366

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...

CVE-2026-43366 io_uring/kbuf: check if target buffer list is still legacy on recycle

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...

CVE-2026-43366

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...

Linux Distros Unpatched Vulnerability : CVE-2026-43366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled,...

PT-2026-39027

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the io uring/kbuf component where a gap occurs between grabbing a buffer and its potential recycling. If the buffer list is empty, it may be upgraded to a ring-provided...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking whether the target buffer list is of the traditional type during recycling,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013477 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xfsunmountFlushInodes function. This function does not stop recycling inodes before pushing...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010755 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool...