3092 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: igb: Fixed an “use-after-free” issue in the igbcleantxring function. Fixed the following “use-after-free” bug in the igbcleantxring routine when the NIC is running in XDP mode. This issue can be triggered by redirecting traffi...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: SUNRPC: Fixed a server shutdown leak A race condition was addressed where kthreadstop might prevent threadfn from being called at all. If this occurs, the svcrqst will not be cleaned up properly...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed data races related to sk-skshutdown. KCSAN identified a data race around sk-skshutdown, where unixreleasesock and unixshutdown update the variable under unixstatelock; additionally, unixpoll and unixdgrampoll rea...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: RSI: Do not configure WoWlan in the shutdown hook if it is not enabled. In cases where WoWlan was never configured during the operation of the system, hw-wiphy-wowlanconfig will be NULL. The rsiconfigwowlan function checks...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: Fixed the reference leak in nfsd4addrdaccesstowrdeleg. The nfsd4addrdaccesstowrdeleg function overwrites fp-fifdsORDONLY unconditionally with a newly acquired nfsdfile. However, if the client already has a SHAREACCESSREA...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix for hang during reboot/shutdown The recent commit 974578017fc1 “iavf: Add waiting so that the port is initialized in remove” adds a wait-loop at the beginning of iavfremove, to ensure that port initialization is complet...
Astra Linux - уязвимость в thunderbird
When a worker is shut down, it was possible for the script to run late in the lifecycle, at a time when it should not be possible. This vulnerability affects Firefox 96, Thunderbird 91.6, and Firefox ESR 91.6...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free in ath9k that occurs in ath9khifusbdisconnect when ath9kdestroywmi is trying to access 'drvpriv' that has already been freed by...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Net: DSA: Fix for a panic upon shutdown if the multi-chip tree fails to probe. DSA probing is atypical because the device tree must probe all devices at once. Thus, out of N switches that call dsatreesetuproutingtable during...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Fixed a panic that occurred when the DSA master device unbinds during shutdown. Rafael reported that on a system with LX2160A and Marvell DSA switches, if a reboot occurs while the DSA master dpaa2-eth is active, the...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disabling kvmclock on all CPUs during shutdown Currently, we disable kvmclock through the machineshutdown hook. This only occurs for the boot CPU. We need to disable it for all CPUs to prevent memory corruption, especial...
Astra Linux - уязвимость в golang-golang-x-net
In net/http in Go, before versions 1.18.6 and 1.19.x, and before version 1.19.1, attackers can cause a denial of service because an HTTP/2 connection may become unresponsive during closure, if the shutdown process is interrupted by a fatal error...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021601)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021601 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvmedevdisable nvmedevdisable modifies the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021645)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021645 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthreadstop may prevent the threadfn from eve...
Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition
Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.10.0 Vulnerability Details CVEID:CVE-2026-33230 DESCRIPTION: NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development ...
SUSE SLES15 Security Update : nginx (SUSE-SU-2026:1953-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1953-1 advisory. This update for nginx fixes the following issues Security issues: - CVE-2026-1642: plain text data injection into the response from...
SUSE-SU-2026:1953-1 Security update for nginx
This update for nginx fixes the following issues Security issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784:...
AMF Vulnerable to Improper Resource Shutdown or Release
A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicl...
GHSA-6V92-PH9P-HRPC AMF Vulnerable to Improper Resource Shutdown or Release
A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. The attack can be executed remotely. The exploit has been disclosed publicl...
GHSA-C73C-X77G-854R OpenClaude MCP OAuth Callback: State Check Bypass via error Param Leads to DoS
OAuth State Validation Bypass via error Parameter Causes Local Server DoS in MCP Auth Callback --- Description The OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter against an internal...