Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fixed improper pointer dereferencing when the error handler kthread is invalid The commit 66a834d09293 “scsi: core: Fixed error handling of scsihostalloc” changed the allocation logic to call putdevice to perform host...

CVE-2026-32000

OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension tool execution that uses Windows shell fallback with shell: true after spawn failures. Attackers can inject shell metacharacters in command arguments to execute arbitrary commands when subproce...

CVE-2026-32000

OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in the Lobster extension tool execution that uses Windows shell fallback with shell: true after spawn failures. Attackers can inject shell metacharacters in command arguments to execute arbitrary commands when subproce...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986306)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986306 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 scsi...

DEBIAN-CVE-2021-47337

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...

CVE-2021-47337

The CVE-2021-47337 issue is in the Linux kernel SCSI core path: when an error arises during scsi_host_alloc() and the error-handling ehandler thread fails to spawn, shost->ehandler may be set to ERR_PTR(-ENOMEM) and scsi_host_dev_release() would call kthread_stop() on a NULL/invalid pointer, r...