384 matches found
Astra Linux - уязвимость в glibc
On the x86-64 architecture, the GNU C Library also known as glibc prior to version 2.31 fails to ignore the LDPREFERMAP32BITEXEC environment variable during program execution after a security transition. This allows local attackers to restrict the possible mapping addresses for loaded libraries,...
SUSE CVE-2026-43073
In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...
CVE-2026-43073 x86-64: rename misleadingly named '__copy_user_nocache()' function
In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...
CVE-2026-43073
In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the misleading naming of the copyusernocache function in the x86-64 architecture. This function...
Linux Distros Unpatched Vulnerability : CVE-2026-43073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a...
SUSE CVE-2026-34944
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: freetype: freetype-2.14.3-1.hum1 aarch64, x8664 freetype-demos-2.14.3-1.hum1 aarch64, x8664 freetype-devel-2.14.3-1.hum1 aarch64, x8664 freetype-2.14.3-1.hum1.src src...
CVE-2026-34944
A flaw was found in Wasmtime, a runtime for WebAssembly. On x86-64 platforms with SSE3 disabled, Wasmtime's Cranelift compiler backend may load additional data beyond the intended memory boundary when compiling the 'f64x2.splat' WebAssembly instruction. This out-of-bounds read can lead to a Denia...
GHSA-QQFJ-4VCM-26HV Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can result in a uncaught segfault due to loading from unmapped guard pages. With guard pages...
DEBIAN-CVE-2026-34944
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
CVE-2026-34944 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
CVE-2026-34944 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on x86-64
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
CVE-2026-34944
Wasmtime is a runtime for WebAssembly. Prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1, On x86-64 platforms with SSE3 disabled Wasmtime's compilation of the f64x2.splat WebAssembly instruction with Cranelift may load 8 more bytes than is necessary. When signals-based-traps are disabled this can resul...
wasmtime 安全漏洞
Wasmtime is a lightweight WebAssembly runtime open source by the Bytecode Alliance. Versions prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1 of Wastime have security vulnerabilities. These vulnerabilities arise from the use of Cranelift for compiling f64x2.splat WebAssembly instructions on x86-64...
CVE-2026-28386 Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-512 Support
Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...
CVE-2026-28386
Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...
CVE-2026-28386
The CVE CVE-2026-28386 affects OpenSSL’s FIPS module (version 3.6) on x86-64 systems with AVX-512 and VAES. A partial-block processing path in AES-CFB-128 can trigger an out-of-bounds read of up to 15 bytes when the input buffer sits at a page boundary and the next page is unmapped, potentially c...
CVE-2026-28386 Out-of-bounds Read in AES-CFB-128 on X86-64 with AVX-512 Support
Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...
CVE-2026-28386
Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...