DEBIAN-CVE-2026-40213

OpenStack Cyborg before 16.0.1 uses rule:allow checkstr='@' as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complet...

CVE-2026-40213

OpenStack Cyborg before 16.0.1 uses rule:allow checkstr='@' as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complet...

CVE-2026-40213

OpenStack Cyborg before 16.0.1 is affected by CVE-2026-40213. The issue arises from a default policy rule (rule:allow with check_str='@') applied to multiple API endpoints, which unconditionally authorizes any request bearing a valid Keystone token regardless of user roles, project membership, or...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinity on ASP chip The ASP chip is a very old variant of the GSP chip and is used, for example, in HP 730 workstations. When attempting to reprogram the affinity setting, the system may crash, especiall...

SUSE CVE-2025-71121

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

CVE-2025-71121

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

CVE-2025-71121

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

UBUNTU-CVE-2025-71121

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

CVE-2025-71121

CVE-2025-71121 relates to the Linux kernel’s parisc/ASP chip handling: attempting to reprogram CPU affinity on HP 730 hardware could crash with an HPMC because registers aren’t at the expected location. The fix avoids the crash by checking the sversion, and notes that reprogramming isn’t needed f...

CVE-2025-71121 parisc: Do not reprogram affinitiy on ASP chip

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

CVE-2025-71121

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

CVE-2025-71121

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

EUVD-2019-2440

Malware in sbrugna...

EUVD-2013-2758

Malware in sbrugna...

EUVD-2018-9664

Malware in sbrugna...

CVE-2023-53536 blk-crypto: make blk_crypto_evict_key() more robust

In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blkcryptoevictkey more robust If blkcryptoevictkey sees that the key is still in-use due to a bug or that -keyslotevict failed, it currently just returns while leaving the key linked into the keyslot management...

PT-2026-2882

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to affinity reprogramming on ASP chips. This issue affects systems utilizing an older variant of the GSP chip, specifically the ASP chip, found i...

CVE-2022-24584

Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with the Yubico OTP validation server. The Yubico OTP supposedly creates hardware bound second factor credentials. When a user reprograms the OTP functionality by "writing" it on a token using the Yubico...

PT-2022-16736 · Yubico · Yubikey

Name of the Vulnerable Software and Affected Versions: YubiKey affected versions not specified Description: The issue concerns incorrect access control in the Yubico OTP functionality of the YubiKey hardware tokens and the Yubico OTP validation server. The Yubico OTP is supposed to create...

UberOwner has too much power

Handle tensors Vulnerability details Impact The Uber Owner has too much power within the system. This makes the protocol closer to a centralized prediction market whose rules are determined by the Uber Owner. Proof of Concept The above functions can be used by the Uber Owner to completely change...