Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rustbinder: Properly handles FDA objects with a length of zero. A bug has been fixed where an empty FDA fd array object with 0 fds could cause an out-of-bounds error. The previous implementation used skip == 0 to indicate “this i...

GHSA-CWJ3-VQPP-PMXR OpenClaw's gateway config mutation guard allowed unsafe model-driven config writes

Summary The agent-facing gateway tool protects config.apply and config.patch with a model-to-operator trust boundary. That guard used a hand-maintained denylist of protected config paths. The config schema outgrew that denylist, leaving sensitive subtrees writable through model-driven gateway...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Debug: Fixed a potential buffer overflow caused by snprintf. The snprintf function returns the size of the string that would be filled if it exceeds the given buffer size. Therefore, using this value may lead to a buff...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an out-of-memory condition. This issue was traced to a memory leak in the PHY LED trigger code. The root cause is the misuse of the devm API. The...

zantetsu-trainer is unmaintained

The zantetsu-trainer crate is no longer maintained. The ML training infrastructure it contained was removed as part of the zantetsu 0.2 release, which replaced the neural parser with a pure heuristic engine. A tombstone version 0.2.0 has been published and 0.1.4 has been yanked. There is no...

UBUNTU-CVE-2026-23244

In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace can...

OPENSUSE-SU-2026:20248-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - more fixes for desktop file, some variables were lowercased, further adaptions in INSTALL script boo1258199 - also copy rollup into thirdparty/node/nodemodules - stay on llvm-10 for swiftshader but bring a similar patch -...

AZL-77880 CVE-2025-71227 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear to me how exactly syzbot managed to hit this, but it seems conceivable that e.g. regulatory changed and has disabled a channel between scanning channel...

openssl security update

3.5.1-7.0.1 - Replace upstream references Orabug: 34340177 - Update FIPS provider name Orabug: 35824276 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469 CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421 CVE-2026-22795 CVE-2026-227...

CVE-2022-50817

CVE-2022-50817 : Linux kernel vulnerability in the HSR path where a NULL pointer deference could occur in skb_clone(), triggered by a bug in hsr_get_untagged_frame(). The issue arises when create_stripped_skb_hsr() returns NULL and skb_clone() is still invoked. Documents consistently describe the...

EUVD-2025-203634

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Do not warn if the page is already tagged in copyhighpage The arm64 copyhighpage assumes that the destination page is newly allocated and not MTE-tagged PGmtetagged unset and warns accordingly. However, following comm...

SUSE CVE-2025-40306

In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosure with the following warning: The helper xattrkey uses the pointer variable in the loop condition rather than dereferencing it. As...

pcs security update

0.10.18-2.0.1.7 - Replaced HAM-logo...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989617 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: use getrandomu32 instead of prandom bh might occur while updating per-cpu rndstate fro...

UBUNTU-CVE-2022-50519

In the Linux kernel, the following vulnerability has been resolved: nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure If creation or finalization of a checkpoint fails due to anomalies in the checkpoint metadata on disk, a kernel warning is generated. This patch replaces th...

CVE-2022-50519

In the Linux kernel, the following vulnerability has been resolved: nilfs2: replace WARNONs by nilfserror for checkpoint acquisition failure If creation or finalization of a checkpoint fails due to anomalies in the checkpoint metadata on disk, a kernel warning is generated. This patch replaces th...

EUVD-2025-31806

Malicious code in bioql PyPI...

EUVD-2023-33465

Malicious code in bioql PyPI...

CVE-2025-24525 Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key

Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available ...

CVE-2023-53328

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Enhance sanity check while generating attrlist nicreateattrlist uses WARNON to catch error cases while generating attribute list, which only prints out stack trace and may not be enough. This repalces them with more...