Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ocfs2: Fixed a slab-use-after-free issue caused by a dangling pointer dqipriv. When mounting ocfs2 and then remounting it as read-only, a slab-use-after-free occurs after the user uses the syscall to call ocfs2getnextid...

CVE-2026-25700

Improper Restriction of Security Token Assignment vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. Previously issued administrative tokens were not invalidated after an administrator account was suspended, deleted, or deactivated, allowing continued access to...

SUSE CVE-2026-46327

In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dmsuspendedmd The function dmblkreportzones tests if the device is suspended with the "dmsuspendedmd" call. However, this function is called without holding any locks, so the device may be suspended just...

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Prior versions of the Nimiq network-libp2p 1.4.0 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the kad get-record query, where incorrect validation of records resulted in...

PT-2026-48456

Name of the Vulnerable Software and Affected Versions Apache Answer versions prior to 2.0.1 Description Improper Restriction of Security Token Assignment occurs when administrative tokens are not invalidated after an administrator account is suspended, deleted, or deactivated. This allows continu...

CVE-2026-46327

In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dmsuspendedmd The function dmblkreportzones tests if the device is suspended with the "dmsuspendedmd" call. However, this function is called without holding any locks, so the device may be suspended just...

CVE-2026-46327 dm: fix unlocked test for dm_suspended_md

In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dmsuspendedmd The function dmblkreportzones tests if the device is suspended with the "dmsuspendedmd" call. However, this function is called without holding any locks, so the device may be suspended just...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the dmblkreportzones function to test the suspended state of devices without holding a...

CVE-2026-43883

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement parameter without verifying that the authenticated user owns the agreement. A low-privilege...

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fixed a runtime suspension deadlock that occurred when there was a pending job. The runtime suspension callback drains the running job’s workqueue before suspending the device. If a job is still executing and calls...

Canvas Hackers ShinyHunters Say Their Official Domain Was Suspended

ShinyHunters says its shinyhunte.rs domain was suspended after the Canvas LMS attacks, forcing the group to move fully to its dark web .onion site...

CVE-2026-43883

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement parameter without verifying that the authenticated user owns the agreement. A low-privilege...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the xprtrdma component failing to decrement ep-rereceiving when rpcrdmapostrecvs fails or exits...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the USB core driver’s ability to allow unlimited timeout periods, resulting in tasks being...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the usbtmc driver to call usbbulkmsg with a timeout value specified by the user. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the dm driver’s failure to implement timeout handling and its reliance on slave devices. When an...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the x2apic mode not being disabled as expected during recovery, potentially leading to system...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a filename hash conflict that causes transaction suspension, potentially rendering the file syste...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the wave5 driver’s automatic suspension mode that enters a suspended state due to an excessive...