69 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: i3c: mipi-i3c-hci: Correct handling of RINGCTRLABORT in DMA dequeue. The logic used to abort the DMA ring contains several flaws: 1. The driver unconditionally aborts the ring even when the ring has already stopped. 2. The...
Fedora 43 : rsync (2026-d4d8ae2bdc)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d4d8ae2bdc advisory. Fixing various bugs from Upstream. I did not do a rebase since the Upstream stopped supporting the rsync-patches repo. I accepted this change in Rawhide but ...
CVE-2026-43352
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Correct RINGCTRLABORT handling in DMA dequeue The logic used to abort the DMA ring contains several flaws: 1. The driver unconditionally issues a ring abort even when the ring has already stopped. 2. The...
CVE-2026-43352 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Correct RINGCTRLABORT handling in DMA dequeue The logic used to abort the DMA ring contains several flaws: 1. The driver unconditionally issues a ring abort even when the ring has already stopped. 2. The...
CVE-2026-43352
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Correct RINGCTRLABORT handling in DMA dequeue The logic used to abort the DMA ring contains several flaws: 1. The driver unconditionally issues a ring abort even when the ring has already stopped. 2. The...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don’t skip on “Stopped – Length Invalid” events. Until the commit d56b0b2ab142 “usb: xhci: ensure skipped isochronous TDs are returned when the isochronous ring is stopped” in v6.11, the driver did not skip missed...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: iwlwifi: mvm: Pause TCM when the firmware is stopped Not doing so will cause us to send a host command to the transport while the firmware is inactive, which will trigger a WARNING. bad state = 0 WARNING: CPU: 2 PID: 17434 ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Do not pass a stopped vif to the driver in .gettxpower. Avoid potentially crashing the driver due to uninitialized private data...
core2 is unmaintained, all versions yanked
The maintainer decided stop maintaining crate and yanked all published versions. Potential alternatives: - embedded-io solves the same general problem - no-std-io2 is a maintained fork...
Linux Distros Unpatched Vulnerability : CVE-2026-23017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entir...
Azure Linux 3.0 Security Update: kernel (CVE-2024-47673)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47673 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: pause TCM when the...
Azure Linux 3.0 Security Update: kernel (CVE-2025-22028)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22028 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: vimc: skip .sstream for stopped...
MAESTRO Toolkit Exploiting VMware VM Escape Vulnerabilities
Cybersecurity researchers from Huntress detail a major VM Escape attack where hackers took over host servers. Using a secret toolkit called MAESTRO, the attackers stayed hidden for over a year. Read the exclusive details on how this breach was stopped and how to protect your network...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not stopping a thread when an array run fails, which could result in a null pointer dereference...
EUVD-2025-203664
In the Linux kernel, the following vulnerability has been resolved: veth: more robust handing of race to avoid txq getting stuck Commit dc82a33297fc "veth: apply qdisc backpressure on full ptrring to reduce TX drops" introduced a race condition that can lead to a permanently stalled TXQ. This was...
CVE-2025-26444
In onHandleForceStop of VoiceInteractionManagerService.java, there is a bug that could cause the system to incorrectly revert to the default assistant application when a user-selected assistant is forcibly stopped due to a logic error in the code. This could lead to local escalation of privilege...
UBUNTU-CVE-2025-38717
In the Linux kernel, the following vulnerability has been resolved: net: kcm: Fix race condition in kcmunattach syzbot found a race condition when kcmunattachpsock and kcmreleasekcm are executed at the same time. kcmunattach is missing a check of the flag kcm-txstopped before calling queuework. I...
media: vimc: skip .s_stream() for stopped entities
...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: media: vimc: skip .sstream for stopped entities Syzbot reported 1 a warning prompted by a check in callsstream that checks whether .sstream operation is warranted for unstarted or stopped subdevs. Add a simple fix in...
kernel: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .gettxpower Avoid potentially crashing in the driver because of uninitialized private data...