Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fixed a deadlock in contextxa. The variable ivpudevice-contextxa is locked both in the kernel thread and in the IRQ context. This requires the XAFLAGSLOCKIRQ flag to be passed during initialization. Otherwise, the loc...

SUSE CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

CVE-2026-46316

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each entry with vgicputirq. It puts...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: erofs: Fixed the issue where xasretry was missing in the fscache mode. The xarray iteration only holds the RCU read lock; therefore, an XARETRYENTRY may be encountered if a process modifies the xarray concurrently. This would lea...

Linux Distros Unpatched Vulnerability : CVE-2026-23418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bal...

CVE-2026-23418

In the Linux kernel, the following vulnerability has been resolved: drm/xe/regsr: Fix leak on xastore failure Free the newly allocated entry when xastore fails to avoid a memory leak on the error path. v2: use goto failfree. Bala cherry picked from commit 6bc6fec71ac45f52db609af4e62bdb96b9f5fadb...

MiracleLinux 7 : sox-14.4.1-7.el7 (AXSA:2019-4121:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-4121:01 advisory. sox: NULL pointer dereference in startread function in xa.c CVE-2017-18189 Tenable has extracted the preceding description block directly from the MiracleLin...

kernel: net/sched: cls_api: fix error handling causing NULL dereference

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsapi: fix error handling causing NULL dereference tcfextsmisscookiebasealloc calls xaalloccyclic which can return 1 if the allocation succeeded after wrapping. This was treated as an error, with value 1 returned to...

EUVD-2008-1641

Malware in sbrugna...

EUVD-2013-3743

Malware in sbrugna...

Malicious code in @zalastax/nolb-_xa (npm)

The package @zalastax/nolb-xa was found to contain malicious code...

MAL-2025-10601 Malicious code in @zalastax/nolb-_xa (npm)

The package @zalastax/nolb-xa was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2025-22016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dpll: fix xaalloccyclic error handling In case of returning 1 from xaalloccyclic wrapping...

SUSE CVE-2025-38387

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize objevent-objsublist before xainsert The objevent may be loaded immediately after inserted, then if the listhead is not initialized then we may get a poisonous pointer. This fixes the crash below: mlx5core...

AZL-72403 CVE-2025-38387 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize objevent-objsublist before xainsert The objevent may be loaded immediately after inserted, then if the listhead is not initialized then we may get a poisonous pointer. This fixes the crash below: mlx5core...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dpll: fixed the error handling for xaalloccyclic. If the value 1 is returned from xaalloccyclic wrapping, ERRPTR1 will be returned, causing ISERR to be false. This can lead to a dereference of an unallocated pointer pin. The issu...

SUSE CVE-2022-49815

In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing xasretry in fscache mode The xarray iteration only holds the RCU read lock and thus may encounter XARETRYENTRY if there's process modifying the xarray concurrently. This will cause oops when referring to the...

UBUNTU-CVE-2022-49815

In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing xasretry in fscache mode The xarray iteration only holds the RCU read lock and thus may encounter XARETRYENTRY if there's process modifying the xarray concurrently. This will cause oops when referring to the...

SUSE CVE-2025-22016

In the Linux kernel, the following vulnerability has been resolved: dpll: fix xaalloccyclic error handling In case of returning 1 from xaalloccyclic wrapping ERRPTR1 will be returned, which will cause ISERR to be false. Which can lead to dereference not allocated pointer pin. Fix it by checking i...

SUSE CVE-2025-22017

In the Linux kernel, the following vulnerability has been resolved: devlink: fix xaalloccyclic error handling In case of returning 1 from xaalloccyclic wrapping ERRPTR1 will be returned, which will cause ISERR to be false. Which can lead to dereference not allocated pointer rel. Fix it by checkin...