1083 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: fixed the PREEMPTRT raw/bh spinlock nesting issue for async VC handling The code has been changed to use a local lock instead of the raw spinlock provided by the completion structure in the idpfvcxn struct. This conversion ...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommu/amd: Serialize sequence allocation under concurrent TLB invalidations. With concurrent TLB invalidations, the completion wait time might randomly time out. This occurs because the cmdsemval field was incremented outside ...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tls: Separating the handling of no-async decryption requests from async. If we are not using async, the handling is much simpler. There is no reference counting; we simply need to wait for the completion to wake us up and return...
CLEANSTART-2026-RG22668 Security fixes for CVE-2026-27145, CVE-2026-39824, CVE-2026-42504, CVE-2026-42507 applied in versions: 1.0.10-r4, 1.0.10-r5
Multiple security vulnerabilities affect the wait-for-port package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-34538
Apache Airflow versions 3.0.0 through 3.1.8 DagRun wait endpoint returns XCom result values even to users who only have DAG Run read permissions, such as the Viewer role.This behavior conflicts with the FAB RBAC model, which treats XCom as a separate protected resource, and with the security mode...
Malicious Package
Overview @car-loans/wait-task-props is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
PT-2026-45211
Name of the Vulnerable Software and Affected Versions apache-airflow versions prior to 3.2.2 Description The 'partitioned dag runs' endpoints in the UI enforce only asset-level access control instead of per-Dag authorization. This allows an authenticated UI or API user with global Asset:read...
SUSE CVE-2026-46227
In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...
CVE-2026-46015
A flaw was found in the Linux kernel's TCP networking subsystem. When an established network connection is migrated between listener sockets within the same SOREUSEPORT group, applications waiting for new connections may not be properly notified. This can cause poll, epollwait, and blocking accep...
CVE-2026-46187
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: fix kthread lifetime race between self-exit and external-stop RSI driver use both self-exitkthreadcompleteandexit and external-stop kthreadstop when killing a kthread. Generally, kthreadstop is called first, and in thi...
CVE-2026-46223
The CVE-2026-46223 issue concerns the Linux kernel cgroup subsystem: rmdir defers percpu_ref kill of CSS until the cgroup is depopulated. A chain of commits reworked rmdir behavior to ensure ->css_offline() does not run while tasks are still doing kernel work in the cgroup. The core problem wa...
EUVD-2026-32814
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: fix kthread lifetime race between self-exit and external-stop RSI driver use both self-exitkthreadcompleteandexit and external-stop kthreadstop when killing a kthread. Generally, kthreadstop is called first, and in thi...
net/smc: avoid early lgr access in smc_clc_wait_msg
...
SUSE CVE-2026-46027
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid early lgr access in smcclcwaitmsg A CLC decline can be received while the handshake is still in an early stage, before the connection has been associated with a link group. The decline handling in smcclcwaitmsg...
UBUNTU-CVE-2026-46073
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...
UBUNTU-CVE-2026-46090
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopbackcheckformat may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa62e3 "ALSA: aloop: Fix...
CVE-2026-46041
CVE-2026-46041 affects the Linux kernel with a fix for sleeping in an atomic context in the hdlc path used by greybus/gb-beagleplay. The root cause is that hdlc_append() calls usleep_range() while tx_producer_lock (a spinlock) is held, risking a BUG: scheduling while atomic. The workaround is to ...
CVE-2026-46027
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid early lgr access in smcclcwaitmsg A CLC decline can be received while the handshake is still in an early stage, before the connection has been associated with a link group. The decline handling in smcclcwaitmsg...
CVE-2026-46027
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid early lgr access in smcclcwaitmsg A CLC decline can be received while the handshake is still in an early stage, before the connection has been associated with a link group. The decline handling in smcclcwaitmsg...
EUVD-2026-32408
In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid early lgr access in smcclcwaitmsg A CLC decline can be received while the handshake is still in an early stage, before the connection has been associated with a link group. The decline handling in smcclcwaitmsg...