4194 matches found
CVE-2026-53122
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...
DEBIAN-CVE-2026-53284
In the Linux kernel, the following vulnerability has been resolved: btrfs: only release the dirty pages io tree after successful writes WARNING With extra warning on dirty extent buffers at umount aka, the next patch in the series, test case generic/388 can trigger the following warning about dir...
CVE-2026-53284
In the Linux kernel, the following vulnerability has been resolved: btrfs: only release the dirty pages io tree after successful writes WARNING With extra warning on dirty extent buffers at umount aka, the next patch in the series, test case generic/388 can trigger the following warning about dir...
GO-2026-5667 CoreDNS has TSIG authentication bypass on gRPC and QUIC transports in github.com/coredns/coredns
CoreDNS has TSIG authentication bypass on gRPC and QUIC transports in github.com/coredns/coredns...
EUVD-2026-38990
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...
CVE-2026-53122
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...
Insufficient Verification of Data Authenticity
Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity via the webhook.php process. An attacker can manipulate wallet balances and gain unauthorized access to premium...
Security Bulletin: Multiple vulnerabilities affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.
Summary Due to the use of IBM® Runtime Environment Java™, CICS Transaction Gateway Desktop Edition and CICS Transaction Gateway for Multiplatforms are vulnerable to multiple vulnerabilities. CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition have updated the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Do not compare internal table flags during updates. If a table update does not modify the flags, skip the transaction...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Firewire: Core – Fixing a race condition with the transaction list The list of transactions is enumerated without acquiring the card lock when processing the AR response event. This causes a race condition bug when processing the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: fixed a warning that occurs when performing a transaction with qgroups enabled after an abort. If we encounter an abort of a transaction with qgroups enabled, a warning is triggered during the final operation to put the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle the deactivation of DBCs when the owner leaves. When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host via the QAICCONTROL MHI channel. QAIC handles this by calling...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a use-after-free after failing to create a snapshot. In ioctl.c’s createsnapshot function, we allocate a pending snapshot structure and then attach it to the transaction’s list of pending snapshots. After that, we ca...
Astra Linux – Vulnerability in Consul
HashiCorp Consul and Consul Enterprise 1.10.1: The TXN.Apply endpoint allows for the registration of proxies for other services, enabling access to service traffic. This feature was fixed in versions 1.8.15, 1.9.9, and 1.10.2...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: slimbus: Messaging: The transaction ID is not freed in a delayed interrupt scenario. In cases where an interrupt is delayed for any reason, the slimdotransfer function returns a timeout error, but the transaction ID TID is not...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a use-after-free issue when attempting to join an aborted transaction. When trying to join the current transaction, if it aborts, we read its “aborted” field after unlocking fsinfo-translock, without holding any...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: The backend for setting up DEAD bits was changed to use the GC transaction API. The old and buggy gc API and the busy mark approach have been replaced with the GC transaction API. No set elements are remov...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unconditionally flushes pending work before the notifier syzbot reports: KASAN: Slab-uaf in nftctxupdate, include/net/netfilter/nftables.h: 1831 KASAN: Slab-uaf in nftcommitrelease,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fixed DIO failure due to insufficient transaction credits The code in ocfs2dioendiowrite estimates the number of transaction credits required using ocfs2calcextendcredits. However, this does not take into account that the ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF in bindersnetlinkreport. Oneway transactions sent to frozen targets via bindersproctransaction return an BRTRANSACTIONPENDINGFROZEN error, but they are still treated as successful since the target is expected ...