Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved handling of caches. This issue has been fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, and watchOS 26. It is possible for a website to access sensor information without user consent...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iio:pressure:zpa2326: Fixed information leakage in the triggered buffer. The sample local struct is used to push data to user space from a triggered buffer. However, there is a flaw in the structure’s fields: the temperature and...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: Ignoring non-functional sensors in the HP 5MP Camera The HP 5MP Camera USB ID 0408:5473 reports a HID sensor interface that is not actually implemented. Attempting to access this non-functional sensor via iioinfo causes the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: hwmon: In readstring, check the sensor index. This prevents potential invalid memory accesses when the requested sensor is not found. findecsensorindex may return a negative value e.g., -ENOENT, but its result was used without...

Astra Linux – Vulnerability in Chromium

Before version 92.0.4515.107, using "use after free" in sensor handling in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: hwmon: Handling failures in registering sensors with thermal zones correctly. If an attempt is made to register a sensor with a thermal zone and it fails, the call to devmthermalzoneofsensorregister may return -ENODEV. This ca...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: temperature: mlx90635: Fixed the dereference of ERRPTR in mlx90635probe. When devmregmapiniti2c fails, regmapee can be an error pointer. Instead of checking ISERRregmapee, regmap is checked, which seems like a copy-paste err...

Astra Linux - уязвимость в linux-5.15

A NULL pointer dereference flaw was discovered in the Linux kernel’s AMD Sensor Fusion Hub driver. This flaw allows a local user to crash the system...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fixed overflows in the compensate functions. There are cases in the compensate functions of the driver where overflows of variables may occur due to bit shifting operations. These issues were initially...

Linux Distros Unpatched Vulnerability : CVE-2026-31761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iio: gyro: mpu3050: Move iiodeviceregister to correct location iiodeviceregister should be at the end of the probe function to prevent race conditions. Place...

Linux Distros Unpatched Vulnerability : CVE-2026-31770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have...

CVE-2026-31761

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Move iiodeviceregister to correct location iiodeviceregister should be at the end of the probe function to prevent race conditions. Place iiodeviceregister at the end of the probe function and place...

CVE-2026-31763

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix incorrect freeirq variable The handler for the IRQ part of this driver is mpu3050-trig but, in the teardown freeirq is called with handler mpu3050. Use correct IRQ handler when calling freeirq...

CVE-2026-31762 iio: gyro: mpu3050: Fix irq resource leak

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Fix irq resource leak The interrupt handler is setup but only a few lines down if iiotriggerregister fails the function returns without properly releasing the handler. Add cleanup goto to resolve resource leak...

PT-2026-36399

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs in the st lsm6dsx hwfifo odr store function when userspace writes to the buffer sampling frequency sysfs attribute. This function calls st lsm6dsx check od...

The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol

Vehicle diagnostics has become essential for detecting in-vehicle errors and ensuring safety. While the Unified Diagnostic Services UDS protocol is widely adopted for diagnostic operations, it relies on the ISO 15765-2 standard as the transport protocol over the Controller Area Network CAN, which...

[SECURITY] Fedora 44 Update: qt6-qtsensors-6.10.3-1.fc44

The Qt Sensors API provides access to sensor hardware via QML and C++ interfaces. The Qt Sensors API also provides a motion gesture recognition API for devices...

[SECURITY] Fedora 44 Update: qt6-qtgraphs-6.10.3-1.fc44

The Qt Graphs module enables you to visualize data in 3D as bar, scatter, and surface graphs. It's especially useful for visualizing depth maps and large quantities of rapidly changing data, such as data received from multiple sensors. The look and feel of graphs can be customized by using themes...

CVE-2026-26161

Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally...

EUVD-2026-22386

Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally...