215 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommu/vt-d: Fixed a potential memory leak in intelsetupirqremapping. After committing e3beca48a45b “irqdomain/treewide: Keeps the firmware node unconditionally allocated”. For theardown scenario, fn is only freed after failing...
EUVD-2026-36605
Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping...
CVE-2026-34195
Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping...
CVE-2026-34195 GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page translation from virtual page indexes
Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping...
CVE-2026-34195 GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page translation from virtual page indexes
Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping...
CVE-2026-34195
Summary: CVE-2026-34195 describes a GPU DDK kernel heap OOB write caused by incorrect indexing of internal state during sparse allocation remapping, specifically involving PMRChangeSparseMemOSMem and physical page translation from virtual page indexes. This is triggered by non-privileged user act...
PT-2026-49020
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Software installed and run as a non-privileged user may perform intentional GPU sparse memory API calls to cause an out-of-bounds write in the kernel. This occur...
CVE-2026-8795
A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...
CVE-2026-8795
A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...
CVE-2026-8795
A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...
CVE-2026-8795
A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...
CVE-2026-8795
The issue affects Rapid7 Velociraptor’s Windows.Collectors.Remapping artifact prior to version 0.76.6. In collection ZIPs, the hostname field from client_info.json is inserted into a YAML template via Go's text/template without escaping. An attacker supplying a crafted collection ZIP can use lite...
EUVD-2026-35289
A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...
PT-2026-47541
A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in client info.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...
Rapid7 Velociraptor 注入漏洞
Rapid7 Velociraptor is a digital forensics and incident response platform provided by Rapid7, Inc. Versions of Rapid7 Velociraptor prior to 0.76.6 contained an injection vulnerability. This vulnerability stemmed from YAML injections in Windows.Collectors.Remapping artifacts. The host name field w...
OPENSUSE-SU-2026:20855-1 Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: Changes in ffmpeg-4: - Add check for the return value of avmallocarray to avoid potential NULL pointer dereference. CVE-2025-10256, bsc1249431 - Update to version 4.4.7: Codecs, filters and other various bugfixes aacenctns: clamp filter directi...
Astra Linux - уязвимость в qemu
A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device. The issue arises when handling the “PVRDMACMDCREATEMR” command due to improper memory remapping mremap. This flaw allows a malicious guest to crash the QEMU process on the host. The greatest threat posed by this...
CVE-2026-43363
In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which may have been disabled by the kernel during boot either because it doesn't support IRQ remapping or f...
CVE-2026-43363 x86/apic: Disable x2apic on resume if the kernel expects so
In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which may have been disabled by the kernel during boot either because it doesn't support IRQ remapping or f...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise, after the GTT context is released, the GTT and gart space are freed. However, amdgputtmbackendunbind does not clear the gart page table entry; instead, it leaves a valid...