134 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/region: Fixed leakage in constructregion. The first call to sysfsupdategroup requires explicitly freeing the resource, as it is too early for cxlregioniomemrelease to be called...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: A buggy exit annotation for the remove function was removed. With tpd12s015remove marked with exit, this function is discarded when the driver is compiled as a built-in component. As a result, when the driv...
Russh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner input
Summary russh did not enforce the SSH identification-string rules as deliberately as OpenSSH. In particular, the server-side identification reader used the same permissive path as the client, allowing pre-banner lines from clients, and the reader did not enforce a bounded number of pre-banner...
CVE-2026-46060
A flaw was found in the Linux kernel's crypto: qat driver. This vulnerability occurs when the driver fails during device initialization, leading to Interrupt Request IRQ handlers not being properly detached before their associated resources are released. This improper cleanup can result in resour...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fixed potential resource leakage when registering a chip. If the creation of a software node fails, the locally allocated string array remains unleased. It should be freed during the error handling process...
SUSE CVE-2026-31529
In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix leakage in constructregion Failing the first sysfsupdategroup needs to explicitly kfree the resource as it is too early for cxlregioniomemrelease to do so...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from resource leakage when the sysfsupdategroup function fails...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007051)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007051 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: Drop buggy exit annotation for remove function With tpd12s015remove marked...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006825)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006825 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: Drop buggy exit annotation for remove function With tpd12s015remove marked...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, changed the error flow during matcher disconnection. Currently, when a firmware failure occurs during the matcher disconnection process, the error flow of the function reconnects the matcher and returns an error...
ROS-20260112-7352
A vulnerability in the core.c, fabrics-cmd-auth.c, fabrics-cmd.c components of the Linux operating system kernel is related to resource leakage. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260112-7319
A vulnerability in the ax25addrax25dev function of module net/ax25/ax25dev.c of the Linux operating system kernel is related to resource leakage. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260112-7316
A vulnerability in the ax25devdevicedown function of module net/ax25/ax25dev.c of the Linux operating system kernel is related to resource leakage. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Missing Release of Resource after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime via resource exhaustion caused by improper cleanup of long-lived resources. Several components fail to correctly close or release gRPC connections, SPIFFE sources, and streaming...
CVE-2025-58149
When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allo...
EUVD-2021-34646
In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for formatcount earlier While the check for formatcount 64 in drmuniversalplaneinit shouldn't be hit it's a WARNON, in its current position it will then leak the plane-formattypes array and fail to cal...
RockyLinux 10 : ruby (RLSA-2025:8131)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:8131 advisory. net-imap: Net::IMAP vulnerable to possible DoS by memory exhaustion CVE-2025-25186 CGI: Denial of Service in CGI::Cookie.parse CVE-2025-27219 uri:...
EUVD-2020-3514
Malware in sbrugna...
EUVD-2018-12365
Malware in sbrugna...
EUVD-2025-11211
Malicious code in bioql PyPI...