Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: kcm: An annotation was added for the data-race around kcm-rxwait. kcm-rxpsock can be accessed without a read lock in kcmrfree. Annotations were added for the read and write operations accordingly. syzbot reported the following...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: inet: Sk-skrxdst was converted to RCU rules. The syzbot reported various issues related to early demux processing. One of these issues is included in this changelog 1. Sk-skrxdst uses RCU protection without proper documentatio...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

The btsockrecvmsg function in net/bluetooth/afbluetooth.c in the Linux kernel, as of version 6.6.8, has a use-after-free issue due to a race condition involving btsockioctl...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tlsalertrecv due to its assumption it can read data from the msg iterator's kvec.. kTLS implementation splits TLS non-da...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: Check the return value of sockrecvmsg when draining CLC data. When receiving a CLC message, the field fieldlength in smcclcmsghdr indicates the length of the message that should be received from the network. The value of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: udp: Fixed multiple wraparounds of sk-skrmemalloc. udpenqueuescheduleskb has the following condition: if atomicread&sk-skrmemalloc sk-skrcvbuf goto drop; sk-skrcvbuf is initialized by net.core.rmemdefault and can later be...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sunrpc: Fixing client-side handling of TLS alerts A security exploit was discovered in NFS over TLS in tlsalertrecv. This issue stemmed from an assumption that there was valid data within the msghdr structure’s iterator’s kvec...

EUVD-2026-26649

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

PT-2026-36467

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sock def readable A race condition exists between lec atm close setting priv-lecd to NULL and concurrent access to priv-lecd in send to lecd, lec handle bridge, and lec atm send. When the socket is...

CVE-2026-3298

CVE-2026-3298 describes an out-of-bounds write in Windows-only asyncio.ProacterEventLoop.sock_recvfrom_into() when using the nbytes parameter. The root cause is a missing boundary check for the destination data buffer, enabling a write past the buffer size if incoming data exceeds it. Non-Windows...

CVE-2026-3298

The method "sockrecvfrominto" of "asyncio.ProacterEventLoop" Windows only was missing a boundary check for the data buffer when using nbytes parameter. This allowed for an out-of-bounds buffer write if data was larger than the buffer size. Non-Windows platforms are not affected...

CVE-2026-23394

A flaw was found in the Linux kernel's afunix component. A race condition exists between the MSGPEEK operation and the garbage collection process. This can allow a local user to cause the garbage collector to incorrectly purge the receive queue of an alive socket, potentially leading to a denial ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993203)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993203 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sockrecvmsg when draining clc data When receiving clc msg, the fie...

kernel: sunrpc: fix client side handling of tls alerts

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over TLS in tlsalertrecv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the...

EUVD-2025-27905

Malicious code in bioql PyPI...

EUVD-2025-27909

Malicious code in bioql PyPI...

EUVD-2025-26742

Malicious code in bioql PyPI...

kernel: udp: Fix memory accounting leak.

A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...

Linux Distros Unpatched Vulnerability : CVE-2025-38571

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix client side handling of tls alerts A security exploit was discovered in NFS over...

SUSE CVE-2025-38566

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix handling of server side tls alerts Scott Mayhew discovered a security exploit in NFS over TLS in tlsalertrecv due to its assumption it can read data from the msg iterator's kvec.. kTLS implementation splits TLS non-da...