
103 matches found

AstraLinux
added 6 days ago, 4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fixed a possible null pointer dereference issue. In tegra_crtc_reset, new memory is allocated using kzalloc, but no checks are performed. Before calling __drm_atomic_helper_crtc_reset, the state of the memory allocation should ...

CVSS 5.5, AI score 6.2, EPSS 0.00156
Exploits 0, References 2
Cvelist
added 2026/06/02 3:38 p.m., 29 views

CVE-2026-42073 OpenClaude's MCP OAuth Callback: State Check Bypass via error Param Leads to DoS

OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter...

CVSS 6.5, EPSS 0.00219
Exploits 1, References 3
GithubExploit
added 2026/05/09 1:21 p.m., 136 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag check CVE-2026-43284 / CVE-2026-43500 Read-only...

CVSS 7.8, AI score 6.1, EPSS 0.96775
Exploits 256
RedHat Linux
added 2026/05/06 6:51 p.m., 6 views

kernel: ALSA: aloop: Fix racy access at PCM trigger

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger. The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...

CVSS 7.8, AI score 5.8, EPSS 0.00113
Exploits 0, References 5
NVD
added 2026/05/06 12:16 p.m., 4 views

CVE-2026-43219

In the Linux kernel, the following vulnerability has been resolved: net: cpsw_new: Fix potential unregister of netdev that has not been registered yet. If an error occurs during register_netdev for the first MAC in cpsw_register_ports, even though cpsw->slaves[0].ndev is set to NULL, cpsw->slaves[1].ndev...

CVSS 5.5, EPSS 0.00128
Exploits 0, References 7
OSV
added 2026/05/05 7:27 p.m., 3 views

GHSA-FR8X-3VFX-F45H gix and gitoxide: unvalidated submodule name traverses out of .git/modules and redirects state() / open() to another repository

Summary attachments: pocs.zip Submodule names coming from .gitmodules are exposed as unvalidated names and are later reused to derive the submodule git directory as: /modules/ Because the submodule name is joined directly as a filesystem path component, a name such as ../../../escaped-target.git...

CVSS 8.7, AI score 5.9
Exploits 0, References 2
AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mptcp: A stricter state check has been added in mptcp_worker. According to Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: c connect // Incoming reset + fastclose // The mpt...

AI score 5.2, EPSS 0.00168
Exploits 0, References 2
AstraLinux
added 2026/05/03 11:59 p.m., 5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fixed a possible crash in bnxt_hwrm_set_coal. During the error recovery sequence, the rtnl_lock is not held for the entire duration, and some data structures may be freed during this process. Instead of checking netif_running,...

CVSS 5.5, AI score 5.8, EPSS 0.00176
Exploits 0, References 1
Tenable Nessus
added 2026/04/21 12:0 a.m., 6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013336 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg. Currently, the hns3_remove function firstly...

CVSS 7.8, AI score 5.7, EPSS 0.00248
Exploits 0, References 4
OSV
added 2026/03/18 1:32 p.m., 1 views

SUSE-SU-2026:0928-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues. The following security issues were fixed: - CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue (bsc#1255163). - CVE-2023-53827: Bluetooth: L2CAP: Fix use-after-free in...

CVSS 7.8, AI score 6.7, EPSS 0.00216
Exploits 0, References 28
RedHat Linux
added 2026/02/25 3:20 p.m., 6 views

kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state

A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intel_atomic_get_new_crtc_state function can return NULL if the CRTC state was not previously obtained via intel_atomic_get_crtc_state, but the return value was not checked before use. This leads ...

AI score 5.7, EPSS 0.00203
Exploits 0, References 5
Snyk
added 2026/01/26 9:34 p.m., 3 views

Cross-site Request Forgery (CSRF)

Overview: sigstore is a tool for signing Python package distributions. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via the OIDC authentication process, which fails to check the state parameter. An attacker in a MitM position can cause a user to sign data...

CVSS 5, AI score 5.9, EPSS 0.00158
Exploits 0, References 2
Rosalinux
added 2026/01/26 8:27 a.m., 6 views

Advisory ROSA-SA-2026-3113

software: squid 5.9 WASP: ROSA-CHROME unaffected versions = squid-5.9-3 affected versions squid-5.9-3 CVE-ID: CVE-2023-49285 BDU-ID: 2023-08581 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Squid proxy server is related to an operation exceeding buffer boundaries in memory. Exploitation of the...

CVSS 8.6, AI score 6, EPSS 0.88818
Exploits 0
Positive Technologies
added 2026/01/01 12:0 a.m., 6 views

PT-2026-8199

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ALSA aloop driver’s PCM trigger callback. The callback attempts to check the PCM state and stop the stream of a tied substream without proper locking,...

CVSS 7.8, AI score 6.7, EPSS 0.00113
Exploits 0
SUSE CVE
added 2025/12/31 12:29 a.m., 2 views

SUSE CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker. As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

CVSS 5.8, AI score 6.4, EPSS 0.00168
Exploits 0, References 3
UbuntuCve
added 2025/12/30 1:16 p.m., 2 views

CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker. As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 5.7, EPSS 0.00168
Exploits 0, References 6
OSV
added 2025/12/30 1:16 p.m., 5 views

UBUNTU-CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker. As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 5.7, EPSS 0.00168
Exploits 0, References 7
OSV
added 2025/12/30 12:8 p.m., 2 views

CVE-2023-54176 mptcp: stricter state check in mptcp_worker

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker. As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 6.3, EPSS 0.00168
Exploits 0, References 7
Debian CVE
added 2025/12/30 12:8 p.m., 2 views

CVE-2023-54176

In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker. As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect // incoming reset + fastclose // the mptcp worker is...

AI score 5.2, EPSS 0.00168
Exploits 0
Positive Technologies
added 2025/12/30 12:0 a.m., 2 views

PT-2025-54005

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc1-gde5e8fd0123c 11 Description The mptcp protocol could run a worker when the associated socket was in an unexpected state, specifically during a connect operation following an incoming reset and fastclos...

AI score 6.3, EPSS 0.00168
Exploits 0, References 8