OPENSUSE-SU-2026:20855-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues: Changes in ffmpeg-4: - Add check for the return value of avmallocarray to avoid potential NULL pointer dereference. CVE-2025-10256, bsc1249431 - Update to version 4.4.7: Codecs, filters and other various bugfixes aacenctns: clamp filter directi...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed a potential memory leak in intelsetupirqremapping. After committing e3beca48a45b “irqdomain/treewide: Keep the firmware node unconditionally allocated”. For theardown scenario, the fn variable is only freed afte...

CVE-2026-43363

In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which may have been disabled by the kernel during boot either because it doesn't support IRQ remapping or f...

CVE-2026-43363 x86/apic: Disable x2apic on resume if the kernel expects so

In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which may have been disabled by the kernel during boot either because it doesn't support IRQ remapping or f...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgputtmbackendunbind will not clear the gart page table entry and leave valid mapping entry pointing t...

Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device. The issue arises when handling the “PVRDMACMDCREATEMR” command due to improper memory remapping mremap. This flaw allows a malicious guest to crash the QEMU process on the host. The greatest threat posed by this...

FixV2W: Correcting Invalid CVE-CWE Mappings with Knowledge Graph Embeddings

Accurate mapping between Common Vulnerabilities and Exposures CVE and Common Weakness Enumeration CWE entries is critical for effective vulnerability management and risk assessment. However, public databases, such as the National Vulnerability Database NVD, suffer from inconsistent and incomplete...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007485)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007485 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: maps: pxa2xx-flash: fix memory leak in probe Free 'info' upon remapping error to avoid a...

CVE-2026-32128

FastGPT is an AI Agent building platform. In 4.14.7 and earlier, FastGPT's Python Sandbox fastgpt-sandbox includes guardrails intended to prevent file writes static detection + seccomp. These guardrails are bypassable by remapping stdout fd 1 to an arbitrary writable file descriptor using fcntl...

EUVD-2026-11408

FastGPT is an AI Agent building platform. In 4.14.7 and earlier, FastGPT's Python Sandbox fastgpt-sandbox includes guardrails intended to prevent file writes static detection + seccomp. These guardrails are bypassable by remapping stdout fd 1 to an arbitrary writable file descriptor using fcntl...

PT-2026-24852

FastGPT is an AI Agent building platform. In 4.14.7 and earlier, FastGPT's Python Sandbox fastgpt-sandbox includes guardrails intended to prevent file writes static detection + seccomp. These guardrails are bypassable by remapping stdout fd 1 to an arbitrary writable file descriptor using fcntl...

FastGPT 安全漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT 4.14.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the protective measures in the Python sandbox, which can be circumvented...

CVE-2025-48509

CVE-2025-48509 describes Missing Checks in functions related to Reverse Map Table (RMP) initialization that can let a local admin attacker misidentify I/O memory, potentially affecting guest memory integrity. The primary technical details indicate this affects AMD EPYC/SNP environments and relate...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37885)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37885 advisory. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reset IRTE to host control if...

CVE-2021-33639

REMAP cmd of SVM driver can be used to remap read only memory as read-write, then cause read only memory/file modified...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992420)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992420 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: maps: pxa2xx-flash: fix memory leak in probe Free 'info' upon remapping error to avoid a...

kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988979)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988979 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intelsetupirqremapping After commit e3beca48a45b...

EUVD-2013-1942

Malware in sbrugna...

EUVD-2021-20316

Malware in sbrugna...