Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: BPF: The unnecessary user-triggable WARNONCE message in the verifier log was removed. It is trivial for a user to trigger the “verifier log line truncated” warning. The verifier has a fixed-size buffer of 1024 bytes currently...

EUVD-2026-17195

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.24.8, NanoMQ’s MQTT-over-WebSocket transport can be crashed by sending an MQTT packet with a deliberately large Remaining Length in the fixed header while providing a much shorter actual payload. The code path...

SUSE CVE-2026-23289

In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...

CVE-2026-32937

This CVE affects free5GC CHF prior to v1.2.2, where an out-of-bounds slice access in nchf-convergedcharging RechargePut(...) can be triggered by an authenticated PUT to /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=.... The result is a server-side panic converted to HTTP 500 by Gin, ena...

CVE-2026-32724 PX4 autopilot has a heap Use-After-Free in MavlinkShell::available() via SERIAL_CONTROL Race Condition

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc1, a heap-use-after-free is detected in the MavlinkShell::available function. The issue is caused by a race condition between the MAVLink receiver thread which handles shell creation/destruction and the telemetry sender thre...

CVE-2023-54145

Technical details for CVE-2023-54145 are not publicly available in the provided Connected documents. The EulerOS/Nessus listings reference the CVE, but no affected products, vulnerable components, or fixes are described here. Monitor for vendor advisories for updates.

PT-2025-53222

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a fixed-size buffer of 1024 bytes in the verifier can be triggered by user-provided information, leading to a "verifier log line truncated"...

CVE-2025-68201 drm/amdgpu: remove two invalid BUG_ON()s

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: remove two invalid BUGONs Those can be triggered trivially by userspace...

PT-2025-51614

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the DRM/amdgpu subsystem related to invalid BUG ON statements. These statements can be triggered easily by user space processes. Recommendations...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: memcgwriteeventcontrol: fixed a user-triggered oops. We do not guarantee that anything beyond the terminating NUL is mapped let alone initialized with anything sensible...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2025-1057)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memoryCVE-2024-50115 tcp/dccp: Don't use timerpending in reqskqueueunlink.CVE-2024-50154 bpf: F...

AZL-49170 CVE-2024-45021 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...

CVE-2024-45021 memcg_write_event_control(): fix a user-triggerable oops

In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...

CVE-2024-45021

In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...

CVE-2024-45021 memcg_write_event_control(): fix a user-triggerable oops

In the Linux kernel, the following vulnerability has been resolved: memcgwriteeventcontrol: fix a user-triggerable oops we are not guaranteed that anything past the terminating NUL is mapped let alone initialized with anything sane...

Triggerable assertion due to race condition in hot-unplug

...

CVE-2024-42131 mm: avoid overflows in dirty throttling logic

In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGESIZE units fit into 32-bit so that various multiplications fit into 64-bits. If limits end up bein...

CVE-2024-4693

A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhostnetstop. This flaw allows a malicious guest to crash the QEMU process on the host...

CVE-2024-4693

A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhostnetstop. This flaw allows a malicious guest to crash the QEMU process on the host...

CVE-2024-4693 Qemu-kvm: virtio-pci: improper release of configure vector leads to guest triggerable crash

A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhostnetstop. This flaw allows a malicious guest to crash the QEMU process on the host...