CVE-2026-47077 Unbounded body accumulation in HTTP/3 response loop in hackney

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackneyh3:awaitresponseloop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received chunk,...

PT-2026-43073

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. hackney h3:await response loop/6 accumulates the HTTP/3 response body in memory without any size cap. The after Timeout clause is a per-message inactivity timer that resets on every received...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Ipados

dyld-signing-oracle-poc A controlled exploration of dyld's pa...

CVE-2026-5072

A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...

CVE-2026-44931

A flaw was found in malcontent. The newly introduced RecordUsage D-Bus Desktop Bus method in malcontent-timerd allows any user on the system to slowly consume disk space in the /var/lib/malcontent-timerd directory. This can lead to a Denial of Service DoS by exhausting available disk resources,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: isotp: split the transmission timer into two parts—transmission and timeout. The timer for the transmission of isotp PDUs previously had two functions: 1. sending two consecutive frames with a specified time interval. 2...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fixed a race condition in sndseqtimeropen. The timer instance per queue is exclusive, and sndseqtimeropen should handle concurrent accesses properly. It seems that the function checks for an already existing timer...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fixed a use-after-free bug in brcmfcfg80211detach. This is the candidate patch for CVE-2023-47233: https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In the brcm80211 driver, the process starts with the following...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: Fixed a panic that occurs when timertype has a garbage value. Currently, when a rule related to IDLETIMER is added, the idletimertg timer structure is initialized using kmalloc during the execution of the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Watchdog: Fixed a possible use-after-free by calling deltimersync. The remove function of this driver calls deltimer. However, that function does not wait for the timer handler to finish executing. This means that the timer handl...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed a race condition in hidpsessionthread. There is a potential race condition in hidpsessionthread that may lead to a use-after-free. For example, the timer is active while hidpdeltimer is called in...

Astra Linux - уязвимость в linux-5.10, linux

There are use-after-free vulnerabilities caused by a timer handler in the net/rose/rosetimer.c file of Linux, which allow attackers to crash the Linux kernel without any privileges...

Astra Linux - уязвимость в linux-5.15

A use-after-free vulnerability was discovered in the cyttsp4core driver within the Linux kernel. This issue arises in the device cleanup routine, due to a possible rearming of the watchdogtimer from the workqueue. This could allow a local user to crash the system, resulting in a denial of service...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Watchdog: cpu5wdt.c – Fixed a use-after-free bug caused by cpu5wdttrigger. When the cpu5wdt module is being removed, the original code uses deltimer to de-activate the timer. If the timer handler is still running, deltimer may no...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300 – Fixed the return value check in mmcaddhost. If we ignore the return value of mmcaddhost, the memory allocated in mmcallochost may be leaked, leading to a kernel crash due to the removal of devices that were not...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Properly terminate timers for kernel sockets We received various reports from syzbot regarding TCP timers being fired after the corresponding netns has been dismantled. Fortunately, Josef Bacik was able to trigger this issue...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021563)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021563 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021616)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021616 advisory. In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

CVE-2026-8745

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogstimeradd in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly available an...