Astra Linux - уязвимость в linux

The bpf verifier in the Linux kernel failed to properly handle truncation of the mod32 destination register when the source register was known to be 0. A local attacker who had the ability to load bpf programs could exploit this vulnerability by performing out-of-bounds reads in kernel memory,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003108)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003108 advisory. In /drivers/isdn/i4l/isdnnet.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer...

CVE-2023-54135 maple_tree: fix potential out-of-bounds access in mas_wr_end_piv()

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...

PT-2025-53212

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s maple tree implementation, specifically within the mas wr end piv function. The issue involves a potential out-of-bounds access when determining the...

EUVD-2022-55193

Malicious code in bioql PyPI...

SUSE CVE-2025-39835

In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may...

CVE-2022-49935

In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later Previously when we added a fence to a dmaresv object we always assumed the the newer than all the existing fences. With Jason's work to add an UAPI to explicit export/impor...

DEBIAN-CVE-2022-49935

In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later Previously when we added a fence to a dmaresv object we always assumed the the newer than all the existing fences. With Jason's work to add an UAPI to explicit export/impor...

CVE-2022-49935

CVE-2022-49935 affects the Linux kernel’s dma-buf/dma-resv code. The vulnerability arises from assuming a newly added fence is newer than all existing fences; with the explicit UAPI export/import, this assumption was removed, creating a path where userspace could force the kernel into a use-after...

CVE-2022-49065

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svcdeferredevent trace class Fix a NULL deref crash that occurs when an svcrqst is deferred while the sunrpc tracing subsystem is enabled. svcrevisit sets dr-xprt to NULL, so it can't be relied upon in the...

CVE-2024-57924

CVE-2024-57924 affects the Linux kernel and is described in multiple sources as a fix to “fs: relax assertions on failure to encode file handles.” The issue concerns exportfs_encode_fh and related paths used by filesystem code to encode file handles, with legacy users such as nfsd and name_to_han...

CVE-2024-42321

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

CVE-2024-42321

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

CVE-2024-42321 net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: use DEBUGNETWARNONONCE The following splat is easy to reproduce upstream as well as in -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 "net: add and use skbgethashsymmetricnet" bu...

CVE-2023-52843

CVE-2023-52843 (Linux kernel): The vulnerability arises in LLC processing where mac headers are read via eth_hdr without verifying that skb contains an Ethernet header. Syzbot demonstrated entry into llc_rcv on a tun device, with tun injections that can bypass mac_len validation. The fix adds a m...

CVE-2023-52843

In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llcrcv on a tun device. Tun can insert packets without mac len and...

CVE-2023-52843 llc: verify mac len before reading mac header

In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without verifying that the skb has an Ethernet header. Syzbot was able to enter llcrcv on a tun device. Tun can insert packets without mac len and...

DEBIAN-CVE-2024-35882

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a slow server-side memory leak with RPC-over-TCP Jan Schunk reports that his small NFS servers suffer from memory exhaustion after just a few days. A bisect shows that commit e18e157bb5c8 "SUNRPC: Send RPC message on...

CVE-2024-26718

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function taskletactioncommon calls tasklettrylock, then it calls the tasklet callback and then it calls taskletunlock. If the...

DEBIAN-CVE-2024-26718

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function taskletactioncommon calls tasklettrylock, then it calls the tasklet callback and then it calls taskletunlock. If the...