Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the memory leak related to ‘conf-biosplit’. In the error path of raid10run, ‘conf’ needs to be freed. However, ‘conf-biosplit’ is not freed, resulting in a memory leak. Since there are three places where ‘conf’...

PT-2026-47786

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in AppArmor regarding the handling of resource limits rlimit for POSIX CPU timers. POSIX CPU timers require an additional step beyond the standard setting of the rlimit t...

drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4

...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: regulator: raa215300 – Fixed resource leak in case of errors The clkregisterclkdev function allocates memory by calling vclkdevalloc, and this memory is not freed in the error path. Similarly, resources allocated by...

PT-2026-37129

Name of the Vulnerable Software and Affected Versions zebrad versions prior to 4.3.1 zebra-script versions prior to 5.0.2 Description Following a refactoring of the verification process for transparent transactions, Zebra failed to validate a consensus rule restricting the possible values of...

nfs-utils security update

2.8.3-0.0.1.el101.3 - remove multiple warnings when upgrading nfs-utils with gssproxy 2.8.3-3 - Add requires for selinux-policy RHEL-127092 2.8.3-2 - mountd: Minor refactor of getrootfh RHEL-127092 - mountd: Separate lookup of the exported directory and the mount path RHEL-127092 - support: Add a...

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.20.0: CVE-2026-22036: Updated undici to 6.23.0 bsc1256848 CVE-2025-59465: Add TLSSocket default error handler bsc1256573 CVE-2025-55132: Disable futimes when permission model is enabled bsc1256571 CVE-2025-55130: Require full read...

CVE-2023-25568

Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able allocate arbitrary many bytes in the Bitswap server, those allocations are lasting even if the connection is closed. This affects users acceptin...

Unbreakable Enterprise kernel security update

5.15.0-315.196.5.1 - netfilter: nftables: reject duplicate device on updates Pablo Neira Ayuso Orabug: 38744086 CVE-2025-38678 - Reapply 'cpuidle: menu: Avoid discarding useful information' Harshvardhan Jha Orabug: 38744084 - rtc: expose RTCFEATUREUPDATEINTERRUPT Alexandre Belloni Orabug: 3874408...

dmaengine: idxd: Refactor remove call with idxd_cleanup() helper

...

EUVD-2025-179026

Malicious code in eta-refactor-execute-float-load npm...

EUVD-2025-180105

Malicious code in benchmark-refactor-secure-scale-array npm...

EUVD-2025-177423

Malicious code in optimize-uglify-cluster-string-refactor npm...

EUVD-2025-176755

Malicious code in refactor-private-table-finally-water npm...

EUVD-2025-179115

Malicious code in enum-parse-protected-kernel-refactor npm...

EUVD-2025-175749

Malicious code in user-refactor-cluster-transpile-eta npm...

EUVD-2025-178020

Malicious code in long-zero-rain-daemon-refactor npm...

EUVD-2025-179699

Malicious code in cluster-protected-resolve-cloud-refactor npm...

EUVD-2025-176214

Malicious code in static-refactor-grep-yaml-emulate npm...

EUVD-2025-175894

Malicious code in transpile-refactor-protected-promise-interface npm...