Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fixed a UAF issue during destruction, which could lead to a race condition. Object debugging tools occasionally reported illegal attempts to free an i915 VMA object when parking a GT that was believed to be idle...

CVE-2022-50748

In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: fix possible memory leak in initmqueuefs commit db7cfc380900 "ipc: Free mqsysctls if ipc namespace creation failed" Here's a similar memory leak to the one fixed by the patch above. retiremqsysctls need to be called...

PT-2025-53114

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the init mqueue fs function within the message queue subsystem of the Linux kernel. The issue occurs when init mqueue fs fails after setup mq sysctls, and retire ...

MSL5 General Availability and MSL4 Product Retirement

Akamai Media Services Live 4 will be discontinued on December 31, 2026. The upgraded Akamai Media Services Live 5 is currently in general availability...

CVE-2025-7054

Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRECONNECTIONID frames. QUIC connections possess a set of connection identifiers IDs; see Section 5.1 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000section-5.1 . Once the QUIC...

PT-2025-32266 · Cloudflare · Cloudflare Quiche

Name of the Vulnerable Software and Affected Versions: Cloudflare quiche versions 0.15.0 through 0.24.5 Description: Cloudflare quiche is susceptible to an infinite loop when processing packets containing RETIRE CONNECTION ID frames. QUIC connections utilize connection identifiers IDs with sequen...

quiche 安全漏洞

quiche is a Cloudflare open source implementation of the IETF-designated QUIC transport protocol and HTTP/3. A security vulnerability exists in quiche versions prior to 0.15.0 through 0.24.5, which stems from a potential infinite loop when sending a packet containing a RETIRECONNECTIONID frame...

kernel: drm/i915/vma: Fix UAF on destroy against retire race

A use-after-free flaw was found in drivers/gpu/drm/i915/i915vma.c in the Linux kernel that may lead to a crash...

CVE-2023-5322

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DAR-7000 up to 20151231. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sysmanage/editmanageadmin.php. The manipulation of the argument id leads to sql injection. The attack may be...

kernel: drm/i915/vma: Fix UAF on destroy against retire race

A use-after-free flaw was found in drivers/gpu/drm/i915/i915vma.c in the Linux kernel that may lead to a crash...

quic-go: memory exhaustion attack against QUIC's connection ID mechanism

A flaw was found in quic-go. This issue may allow an attacker to trigger a denial of service by sending a large number of NEWCONNECTIONID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRECONNECTIONID frame, but the attacker can preve...

kernel: drm/i915/vma: Fix UAF on destroy against retire race

A use-after-free flaw was found in drivers/gpu/drm/i915/i915vma.c in the Linux kernel that may lead to a crash...

kernel: drm/i915/vma: Fix UAF on destroy against retire race

A use-after-free flaw was found in drivers/gpu/drm/i915/i915vma.c in the Linux kernel that may lead to a crash...

drm/i915/vma: Fix UAF on destroy against retire race

...

PT-2024-6520 · D Link · D-Link Dns-320

Name of the Vulnerable Software and Affected Versions: D-Link DNS-320 version 2.02b01 Description: The issue is related to the disclosure of information in the /cgi-bin/discovery.cgi file of the Web Management Interface component in the D-Link DNS-320 router's firmware. This can be exploited...

CVE-2024-8212 D-Link DNS-1550-04 hd_config.cgi cgi_FMT_R12R5_2nd_DiskMGR command injection

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been rated as critical. This issue...

CVE-2024-8132 D-Link DNS-1550-04 HTTP POST Request webdav_mgr.cgi webdav_mgr command injection

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been classified as critical. This...

PT-2024-38819 · D Link · D-Link Dns-321 +16

Name of the Vulnerable Software and Affected Versions: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, and DNS-1550-04 up to 20240814 Description: A...

SUSE CVE-2024-26939

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...

DEBIAN-CVE-2024-26939

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vma: Fix UAF on destroy against retire race Object debugging tools were sporadically reporting illegal attempts to free a still active i915 VMA object when parking a GT believed to be idle. 161.359441 ODEBUG: free active...