502 matches found
Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: The BR/EDR JUSTWORKS method has been aligned with LE. This alignment of the BR/EDR JUST WORKS method with LE was implemented since version 92516cd97fd4. „Bluetooth: Always request for user confirmation for Ju...
SUSE CVE-2026-31773
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticated whenever pendingseclevel is BTSECURITYHIGH. That reflects what the...
CVE-2026-31773
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticated whenever pendingseclevel is BTSECURITYHIGH. That reflects what the...
CVE-2026-31773 Bluetooth: SMP: derive legacy responder STK authentication from MITM state
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticated whenever pendingseclevel is BTSECURITYHIGH. That reflects what the...
CVE-2026-31773
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticated whenever pendingseclevel is BTSECURITYHIGH. That reflects what the...
CVE-2026-31773
The CVE-2026-31773 entry concerns the Linux kernel Bluetooth SMP implementation. The root cause is that the legacy responder path in smp_random() marks the STK as authenticated whenever pending_sec_level is BT_SECURITY_HIGH, which reflects the requested security level rather than the actual pairi...
PT-2026-36408
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smp random currently labels the stored STK as authenticated whenever pending sec level is BT SECURITY HIGH. That reflects wha...
OESA-2026-1010 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resour...
OESA-2026-1009 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resour...
CVE-2026-21891 ZimaOS has Authentication Bypass via System-Level Username
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks the validity of the username but appears to skip, misinterpret, or incorrectly validate the password when the provided username matches a...
CVE-2025-11774
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the software keyboard function hereinafter referred to as "keypad function" of Mitsubishi Electric GENESIS64 versions 10.97.2 CFR3 and prior, Mitsubishi Electric Iconics Digital Solutions...
Mitsubishi Electric GX Works2
RISK EVALUATION Successful exploitation of this vulnerability could open project files protected by user authentication using disclosed credential information, and obtain or modify project information. 2. RECOMMENDED PRACTICES CISA reminds organizations to perform proper impact analysis and risk...
SoK: Systematizing a Decade of Architectural RowHammer Defenses through the Lens of Streaming Algorithms
A decade after its academic introduction, RowHammer RH remains a moving target that continues to challenge both the industry and academia. With its potential to serve as a critical attack vector, the ever-decreasing RH threshold now threatens DRAM process technology scaling, with a superlinearly...
kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...
kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...
CVE-2023-53638
In the Linux kernel, the following vulnerability has been resolved: octeonep: cancel queued works in probe error path If it fails to get the devices's MAC address, octepprobe exits while leaving the delayed work intrpolltask queued. When the work later runs, it's a use after free. Move the...
EUVD-2021-20743
Malware in sbrugna...
EUVD-2018-10083
Malware in sbrugna...
EUVD-2019-4690
Malware in sbrugna...
EUVD-2021-28629
Malicious code in bioql PyPI...