CVE-2026-43497

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: add vmops to dlfbopsmmap to prevent use-after-free dlfbopsmmap uses remappfnrange to map vmalloc framebuffer pages to userspace but sets no vmops on the VMA. This means the kernel cannot track active mmaps. When...

A Bipartisan Amendment Would End Police License Plate Tracking Nationwide

One line tucked into a federal highway bill would strip funds from cities and states unless they kill their automated plate tracking programs—effectively banning the tech for all but toll collection...

freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This double free vulnerability occurs during the cleanup process when a remote desktop session disconnects. Specifically, if a title allocation fails, a pointer to an application window is freed but not removed fro...

Firefox 151 packs big privacy upgrades into a small update

Mozilla has published release notes for Firefox browser version 151.0, and this update includes several genuinely meaningful privacy and security improvements. Three changes stand out in particular: Stronger anti‑fingerprinting Broader protection for local network access More control over private...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fixed the issue with zerovruntime tracking. John reported that stress-ng-yield could cause his machine to behave abnormally. He managed to bisect the process to commit the change identified as b3d99f43c72b „sched/fair...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: The label mapping should be released when replacing an existing ct entry. The issue arises from the fact that the referenced commit does not release the label mapping when replacing an existing ct entry, leading to a...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftct: Skip evaluation of expectations for confirmed conntrack entries. The nftctexpectobjeval function calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called when !nfctisconfirmed ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mt76: fixed the race condition related to the “tx status” during station removal. There is a small race condition where ongoing TX activity can cause an skb to be added to the status tracking IDR, even after that IDR has alrea...

Astra Linux - уязвимость в firefox

When Firefox is configured to block the storage of all cookies, it is still possible to store data in localstorage by using an iframe with a source of ‘about:blank’. This could allow malicious websites to store tracking data without permission. This vulnerability affects Firefox versions earlier...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk from being released while still in use The functions iplocalout and others can pass skb-sk as a function argument. If the skb is a fragment and reassembly occurs before such a function call returns, t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: liveupdate: luofile: Remember the retrieve status LUO keeps track of successful retrieve attempts on a LUO file. It does this to avoid multiple retrievals of the same file. Multiple retrievals cause problems because once the file...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: Locking is provided for v4endgrace. Writing to v4endgrace can cause a race condition with server shutdown, resulting in memory being accessed after it has been freed—especially in the case of reclaimstrhashtbl. We cannot ho...

Astra Linux - уязвимость в opensc

A flaw was discovered in OpenSC packages that could allow for a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length PIN is passed. This issue poses a security risk, especially for OS...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Resetting the register ID for BPFEND value tracking When a register undergoes a BPFEND byte swap operation, its scalar value is mutated in-place. If this register previously shared a scalar ID with another register e.g., aft...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 9 : webkit2gtk3 (RHSA-2026:19535)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19535 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

webkitgtk: A website may be able to track users through Safari web extensions

A flaw was found in WebKitGTK. A malicious website can track users through web extensions due to improper state management...

freerdp: FreeRDP heap-use-after-free

A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial-IrpThreads while another reads it...

ALSA-2026:19206 Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...

Important: webkit2gtk3 security update

WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari...