5527 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix cleanup of CT before cleanup of TC ct rules CT cleanup assumes that all tc rules were deleted first. Therefore, it is possible to delete the CT shared resources e.g., draction and fwdaction, which are shared...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: A memory leak in the flow steering list has been fixed in rmmod. The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Removing a module with active entries...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mvpp2_main: A possible out-of-bounds (OOB) write has been addressed in mvpp2_ethtool_get_rxnfc. The rules parameter is allocated in ethtool_get_rxnfc, and its size is determined by rule_cnt from the user space...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: BPF: Allow deletion from sockmap/sockhash only if updating is allowed. We have received a surge in reports from syzkaller instances where a BPF program attached to a tracepoint triggered a locking rule violation by performing a...
Astra Linux – Vulnerability in Subversion
Apache Subversion SVN’s “authz” feature prevents the display of “copyfrom” paths that should be hidden according to configured path-based authorization rules. When a node is copied from a protected location, users with access to the copy can see the “copyfrom” path of the original node. This also...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: dropping bogus WARN messages This issue occurs when rules are flushed/deleted while the packet is still being processed. Therefore, this WARN message needs to be removed. This WARN message has existed i...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Audit: fixed a possible null-pointer dereference in audit_filter_rules. A possible null-pointer dereference was addressed in audit_filter_rules. Error in audit_filter_rules: we previously assumed that ‘ctx’ could be null...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: fib6_rules: avoided possible NULL dereferencing in fib6_rule_action. syzbot is capable of triggering the following crashes [1], caused by the unsafe use of ip6_dst_idev. Indeed, ip6_dst_idev can return NULL, and this value must...
Astra Linux – Vulnerability in Subversion
Subversion’s mod_authz_svn module will crash if the server uses in-repository authz rules with the AuthzSVNReposRelativeAccessFile option, and a client sends a request for a non-existent repository URL. This can cause disruptions for users of the service. This issue has been fixed in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: HWS, fixed the issue where complex rule rehash operations failed. Moving rules from one matcher to another should not fail. However, if it does fail due to various reasons, the error handling mechanism should allow t...
Astra Linux – Vulnerability in Linux
A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user with root or CAP_NET_ADMIN when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Audit: Added fchmodat2 to the “change attributes” class. fchmodat2, introduced in version 6.6, is currently not included in the “change attributes” class of audit. Calling fchmodat2 to change a file’s attributes in the same way a...
Authorization Bypass
google.golang.org/grpc is vulnerable to authorization bypass. The vulnerability is due to improper validation of the HTTP/2 :path pseudo-header, which allows an attacker to send malformed requests without a leading slash and bypass path-based authorization policies when fallback "allow" rules are...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
copy-success — CVE-2026-31431 Compensating Control A defensiv...
suricata-detections
suricata-detections Network IDS signature development grounde...
CVE-2026-34965
Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/savecollection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP...
CVE-2026-42482
A stack-based buffer overflow in mangletohexlower and mangletohexupper in src/rpcpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted rule file, or via the -j or -k rule options used with password candidates of 128 or more...
Exploit for CVE-2026-31431
Copy-Fail---CVE-2026-31431 CVE-2026-31431 "Copy Fail" - Analys...
CVE-2026-22726
Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure a route-service that would allow it to send requests to HTTP services on internal networks...