Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/core: Always clear status for idx The variable status which contains the unhandled overflow bits is not being properly masked in some cases, resulting in the following warning: WARNING: CPU: 156 PID: 475601 at...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADFSTATUSPFRUNNING should be set after adfdevinit ADFSTATUSPFRUNNING is only used and checked by adfvf2pfshutdown before calling adfiovputmsg-mutexlockvf2pflock, however the vf2pflock is initialized in adfdevinit,...

EUVD-2017-3283

Malware in sbrugna...

EUVD-2022-55362

Malicious code in bioql PyPI...

CVE-2022-50096

In the Linux kernel, the following vulnerability has been resolved: x86/kprobes: Update kcb status flag after singlestepping Fix kprobes to update kcb kprobes control block status flag to KPROBEHITSSDONE even if the kp-posthandler is not set. This bug may cause a kernel panic if another INT3 user...

SUSE CVE-2024-27437

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in requestirq and subsequently disabled as necessary to...

DEBIAN-CVE-2021-47056

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - ADFSTATUSPFRUNNING should be set after adfdevinit ADFSTATUSPFRUNNING is only used and checked by adfvf2pfshutdown before calling adfiovputmsg-mutexlockvf2pflock, however the vf2pflock is initialized in adfdevinit,...

CLSA-2023-1677096436 Fix CVE(s): CVE-2017-11671

SECURITY UPDATE: Under certain circumstances the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially causing failures of these instructions to go unreported. This could potentially lead to less randomness in random number generation. -...

GSD-2022-1005194 x86/kprobes: Update kcb status flag after singlestepping

x86/kprobes: Update kcb status flag after singlestepping This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...

Unspecified Vulnerability in Mozilla Firefox and Firefox ESR (CNVD-2018-11926)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A security vulnerability exists in Mozilla Firefox versions prior to 60 and Firefox ESR versions...

CVE-2017-11671

Under certain circumstances, the ix86expandbuiltin function in i386.c in GNU Compiler Collection GCC version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially...

CVE-2017-11671

Under certain circumstances, the ix86expandbuiltin function in i386.c in GNU Compiler Collection GCC version 4.6, 4.7, 4.8, 4.9, 5 before 5.5, and 6 before 6.4 will generate instruction sequences that clobber the status flag of the RDRAND and RDSEED intrinsics before it can be read, potentially...

CVE-2017-11671

CVE-2017-11671 affects GCC: the ix86_expand_builtin path in i386.c can generate RDRAND/RDSEED instruction sequences that clobber the status flag before being read, potentially causing reduced randomness. Documented in GCC bug reports and affected across GCC 4.6–4.9, 5 before 5.5, and 6 before 6.4...

CVE-2017-11671

Removed by vendor...

DEBIAN-CVE-2015-2830

arch/x86/kernel/entry64.S in the Linux kernel before 3.19.2 does not prevent the TSCOMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the 1 fork or 2 close system call, as demonstrated b...

DEBIAN-CVE-2007-1266

Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...