Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fixed the use of the pointer offset in errorstateread. This fix addresses the issue where, when there is no i915gpucoredump but the buf offset is non-zero, a kernel page fault may occur. This issue occurs when...

CVE-2026-44504

CVE-2026-44504 (Aegra) describes a cross-tenant IDOR in Aegra deployments prior to 0.9.7 where an authenticated user with access to another user’s thread_id can: (1) execute runs against that user’s thread via /threads/{thread_id}/runs (and related endpoints), (2) read the other user’s full check...

CVE-2026-44504

Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's threadid, can execute graph runs against the user's thread, read the user's full...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989438)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989438 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstaterea...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989719)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989719 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstaterea...

SUSE CVE-2022-49723

In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstateread when there is no i915gpucoredump but buf offset is non-zero. This fixes a kernel page fault can happen when multiple tests are...

DEBIAN-CVE-2022-49723

In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstateread when there is no i915gpucoredump but buf offset is non-zero. This fixes a kernel page fault can happen when multiple tests are...

UBUNTU-CVE-2022-49723

In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstateread when there is no i915gpucoredump but buf offset is non-zero. This fixes a kernel page fault can happen when multiple tests are...

CVE-2022-49723 drm/i915/reset: Fix error_state_read ptr + offset use

In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstateread when there is no i915gpucoredump but buf offset is non-zero. This fixes a kernel page fault can happen when multiple tests are...

CVE-2022-49723

The CVE-2022-49723 issue affects the Linux kernel’s i915 DRM reset path. The root cause is incorrect pointer offset handling in error_state_read when there is no i915_gpu_coredump but a non-zero buffer offset, which could lead to a kernel page fault under concurrent engine resets and error_state ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the errorstateread function of the drm/i915/reset module that uses a null pointer at a non-zero offset...

kernel: drm/i915/reset: Fix error_state_read ptr + offset use

In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix errorstateread ptr + offset use Fix our pointer offset usage in errorstateread when there is no i915gpucoredump but buf offset is non-zero. This fixes a kernel page fault can happen when multiple tests are...

lighttpd 安全漏洞

lighttpd is an open source web server developed by Jan Kneschke in Germany. A security vulnerability exists in lighttpd that originates from a denial-of-service attack that can be triggered via CLOSEWAIT / CONSTATEREADPOST...