Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fixed a use-after-free bug in brcmfcfg80211detach. This is the candidate patch for CVE-2023-47233: https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In the brcm80211 driver, the process starts with the following...

Astra Linux - уязвимость в tomcat9

Improper handling of exceptional conditions, and uncontrolled resource consumption vulnerabilities in Apache Tomcat. When processing an HTTP/2 stream, Tomcat failed to correctly handle some cases of excessive HTTP headers. This resulted in an incorrect count of active HTTP/2 streams, leading to t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drivers: staging: rtl8723bs: Fixed locking issues in rtwjointimeouthandler. The commit number 041879b12ddb states: “drivers: staging: rtl8192bs: Fixed deadlock in rtwjoinbsseventprehandle. In addition, rtwjointimeouthandler wa...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fixed SError causing kernel panic upon closing. The occurrence of SError causing kernel panic was rare during testing. The root cause was entering suspend mode due to an timeout of the autosuspend delay...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Check the scheduler work queue before calling timeout handling During an IGT GPU reset test, we still encounter an oops error, despite the commit 0c8c901aaaebc9 drm/sched: Check the scheduler ready before calling timeo...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: Disable timeout handling If a timeout occurs, it can lead to incorrect data on the I2C bus and/or memory corruption in the guest, since the device can still be operating on the buffers it was given, even after the...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fixed a use-after-free issue related to aborted TMF sastask. Currently, a use-after-free might occur if the TMF sastask is aborted before we handle the I/O completion in mpisspcompletion. This abort occurs due to a...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets These parameters have never been used in the user space; therefore, disallow them...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: nullblk: fixed handling of poll request timeouts When performing the iouring benchmark on /dev/nullb0, it’s easy for the kernel to crash if poll requests time out, as reported by David. 1 BUG: Kernel NULL pointer dereferencing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Add a wrapper around the mlx5etxreporterdumpsq function to extract the SQ value from the struct mlx5etxtimeoutctx structure. In the TX-timeout-recovery flow, the argument passed to this function is actually of type...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: A bug related to use-after-free was fixed due to error path handling in mtkjpegdecdevicerun. In mtkjpegprobe, the variable &jpeg-jobtimeoutwork is bound to mtkjpegjobtimeoutwork. In mtkjpegdecdevicerun, if an err...

CVE-2026-46727 - Use-after-free in pthread-based getaddrinfo timeout handler

SUMMARY A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler rbgetaddrinfo in ext/socket/raddrinfo.c allows a remote attacker who can delay DNS responses near the user-specified timeout to crash a Ruby process that calls Addrinfo.getaddrinfo..., timeout: o...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021647 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021585 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021572 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-mq: avoid double -queuerq because of early timeout David Jeffery found one double -queuerq...

SUSE SLES15 Security Update : nginx (SUSE-SU-2026:1953-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1953-1 advisory. This update for nginx fixes the following issues Security issues: - CVE-2026-1642: plain text data injection into the response from...

GHSA-3653-68V6-RQ57 HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

Summary All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...

HAPI FHIR: ReDoS via FHIRPath matches()/replaceMatches() in FHIR Validator HTTP Endpoint

Summary All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The FHIRPath functions matches, matchesFull, and replaceMatches pass user-controlled regular expressions directly to Java's Pattern.compile and String.replaceAll without...

SUSE-SU-2026:1953-1 Security update for nginx

This update for nginx fixes the following issues Security issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784:...

CLSA-2026-1778845249 redis: Fix of 2 CVEs

CVE-2026-23631: fix use-after-free in readSyncBulkPayload when fullsync happens while a Lua script is timed out on the replica - CVE-2026-25243: fix invalid memory access in RESTORE on crafted zipmap, listpack and stream PEL payloads...