CVE-2026-44451 Lumiverse: TSX component sandbox escape via DOM ref and string-split identifier bypass

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

CVE-2026-44451 Lumiverse: TSX component sandbox escape via DOM ref and string-split identifier bypass

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

CVE-2026-44451

Lumiverse prior to version 0.9.7 has a sandbox escape vulnerability in its component override system. The system transpiles user TSX with Sucrase and evaluates it via new Function, shadowing dangerous globals (fetch, window, eval, etc.). A static validator blocks identifiers, but a string-split b...

USN-8308-1 dnsmasq vulnerability

It was discovered that Dnsmasq incorrectly handled BOOTREPLY packets when configured with the --dhcp-split-relay option. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-8308-1: Dnsmasq vulnerability

It was discovered that Dnsmasq incorrectly handled BOOTREPLY packets when configured with the --dhcp-split-relay option. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service, or possibly execute arbitrary code...

CLSA-2026-1779298645 postfix: Fix of CVE-2026-43964

CVE-2026-43964: fix buffer over-read in dsnsplit when an enhanced status code is not followed by other text...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: VMCI: Fixed a runtime warning from memcpy in dgdispatchashost The bug caused a “WARNING in dgdispatchashost” message. In memcpy, a field-spanning write was detected size 56 of a single field, “&dginfo-msg”, located at...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: Fixed handling of hwpoisoned large folio entries in shrinkfoliolist. In shrinkfoliolist, the hwpoisoned folio entries might be large folio entries that cannot be handled by unmappoisonedfolio. For THP processors,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194, where random system crashes have been observed 0. The problem occurs when the split header...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid cycles in the h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. This can easily lead to the kernel corrupting tree nodes that have already been verified during...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Firewire: Core – Fix for race condition with the transaction list The list of transactions is enumerated without acquiring the card lock when processing the AR response event. This causes a race condition bug when processing the ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi – Fix the order of debug actions. The order in which debug actions were performed was incorrectly implemented. Now, we have implemented a split dump process and perform the FW reset only at the middle of the dump...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the memory leak related to ‘conf-biosplit’. In the error path of raid10run, ‘conf’ needs to be freed. However, ‘conf-biosplit’ is not freed, resulting in a memory leak. Since there are three places where ‘conf’ c...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm: turning foliotesthugetlb into a PageType. The current implementation of foliotesthugetlb can be exploited by a concurrent operation that splits folio into smaller parts. This can result in a condition where folio that never...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: A NULL pointer dereferencing issue was addressed when splitting folio objects. The commit c010d47f107f “mm: thp: splitting huge pages into lower-order pages” introduced a preliminary check on the order of the folio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/gup: Rejects FOLLSPLITPMD with hugetlb VMAs. The patch series “mm: fixes for device-exclusive entries hmm”, version 2. While discussing the PageTail call in makedeviceexclusiverange, I recently discovered that device-exclusive...

Astra Linux - уязвимость в grub2

Out-of-bounds write when handling split HTTP headers: When dealing with split HTTP headers, GRUB2’s HTTP code accidentally moves its internal data buffer point by one position. This can lead to an out-of-bounds write during the parsing of the HTTP request, resulting in writing a NULL byte beyond...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: The unshare of page tables occurs during VMA splitting, not before. Currently, splitvma triggers the unshare of hugetlb page tables through vmops-maysplit. This happens before the VMA lock and rmap locks are taken –...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: perf/core: Prevent VMA splitting of buffer mappings The perfmmap code is careful to map the user page using mmap along with the ringbuffer and the auxiliary buffer, when the event supports this. Once the first mapping is...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a slab-use-after-free in ext4splitextentat. We encountered the following use-after-free issues: BUG: KASAN: slab-use-after-free in ext4splitextentat+0xba8/0xcc0 Read of size 2 at addr ffff88810548ed08 by task...