Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: uprobe: avoided out-of-bounds memory access when fetching args Uprobe needs to fetch args into a percpu buffer, and then copy them to the ring buffer to avoid non-atomic context problems. Sometimes user-space strings or arrays ca...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: riscv: The issue with the handling of SRSPIE set/clear operations during uprobe has been fixed. In riscv, the process of uprobe involves clearing the SPIE before executing the original instruction, and setting the SPIE after...

bioimageio-engine (>=0.1.0 <=0.1.3), executor-http (>=0.1.0 <=0.1.2) +8 more potentially affected by unknown CVE via executor-engine (=0.3.3)

executor-engine PYPI version =0.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on executor-engine and may be impacted: - bioimageio-engine =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.1, =0.5.0, =0.1.1, =0.1.2 Source cves: unknown CVE Source...

pantheon-cli (>=0.1.1 <=0.1.4rc1), uprobe (>=0.1.1 <=0.1.2) potentially affected by unknown CVE via pantheon-agents (=0.6.0)

pantheon-agents PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on pantheon-agents and may be impacted: - pantheon-cli =0.1.1, =0.1.1, =0.1.2 Source cves: unknown CVE Source advisory: SNYK:PYTHON-PANTHEONAGENTS-17220146...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that has affected numerous packages across open source ecosystems. The malicio...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Support for deferring bpflink deallocation to after RCU grace period For some program types, the “link” is passed as a “context” that can be used by those BPF programs to retrieve additional information. For example, for...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Kernel: Be more careful regarding failures with dupmmap and the registration of uprobes. If a memory allocation fails during dupmmap, the maple tree can remain in an unsafe state for other iterators besides the exit path. All loc...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011328)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011328 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamicevents interface on...

Azure Linux 3.0 Security Update: kernel (CVE-2024-47675)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47675 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in...

ROS-20260120-7315

A vulnerability in the uprobewriteopcode function of the kernel/events/uprobes.c module of the Linux kernel is related to incorrect calculation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1071)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

ROS-20260113-7357

A vulnerability in the prepareuprobebuffer function of the kernel/trace/traceuprobe.c module of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected informati...

Linux Distros Unpatched Vulnerability : CVE-2023-54303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Disable preemption in bpfperfeventoutput The nesting protection in bpfperfeventoutput relies on disabled preemption, which is guaranteed for kprobes and...

CVE-2023-54303

In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpfperfeventoutput The nesting protection in bpfperfeventoutput relies on disabled preemption, which is guaranteed for kprobes and tracepoints. However bpfperfeventoutput can be also called from uprobes...

kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpfprog/attachment RCU flavors Uprobes always use bpfprogrunarrayuprobe under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF...

SUSE CVE-2025-40021

In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamicevents interface on tracefs is compatible with kprobeevents and uprobeevents, it should also check the lockdown status and reject if it is set...

DEBIAN-CVE-2025-40021

In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamicevents interface on tracefs is compatible with kprobeevents and uprobeevents, it should also check the lockdown status and reject if it is set...

AZL-68811 CVE-2025-40021 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamicevents interface on tracefs is compatible with kprobeevents and uprobeevents, it should also check the lockdown status and reject if it is set...

EUVD-2025-35838

In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamicevents interface on tracefs is compatible with kprobeevents and uprobeevents, it should also check the lockdown status and reject if it is set...

EUVD-2022-55483

Malicious code in bioql PyPI...