Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: hwrng: amd – Fix the PCI device reference count leak foreachpcidev is implemented through pcigetdevice. The comment for pcigetdevice states that it will increase the reference count of the returned pcidev, and also decrease th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Do not attempt to replace the rwsem lock on a device that already holds it. By running fstests btrfs/011 with MKFSOPTIONS="-O rst" to force the use of the RAID stripe-tree, we obtain the following error from lockdep:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fixed deadlock issues during suspend and resume operations. When an application sends a query IOCTL while auto suspend is in progress, a deadlock can occur. The query process first acquires devlock, then calls...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ARP: Do not assume that devhardheader does not change skb-head. arpcreate is the only function that calls devhardheader, and it makes an assumption that skb-head remains unchanged. A recent commit broke this assumption. Initializ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mac80211: Fixed a deadlock issue in AP/VLAN handling. Syzbot reports that when APVLAN interfaces are active, closing the AP interface they belong to can lead to a deadlock. This isn’t surprising—since we use devclose to handle...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdwrtsdcajackcommon: ctx-headsetcodecdev = NULL The functions sofsdwrtsdcajackcommon and sofsdwrtsdcajackexit are used by different codecs, and some of them use the same interface names. For example, rt712 and rt7...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: block/rnbd-srv: Check for unlikely string overflows Since “devsearchpath” can technically be as large as PATHMAX, there was a risk of truncation when copying it and a second string into “fullpath”—since “fullpath” is also sized a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: Do not leak memory if devsetname fails. When devsetname fails, zcdncreate does not free the newly allocated resources. Fix this issue...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Networks: Bridge layer; use DEVSTATSINC. SYZBOT/KCSAN reported data races in brhandleframefinish 1. This function can run on multiple CPUs without mutual exclusion. Adopting SMP-safe DEVSTATSINC allows for updates to dev-stats...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: Fixed a memory leak in octepdevicesetup. In octepdevicesetup, if octepctrlnetinit fails, the function returns directly without unmapping the mapped resources and freeing the allocated configuration memory. This issue wa...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Thermal: Prevent potential string overflows. The dev-id value comes from idaalloc, so it’s a number between zero and INTMAX. If it’s too high, the sprintf functions will cause overflow...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net: caif: fixed a memory leak in cfusbldevicenotify. In the case of a failure in caifenrolldev, the allocated linksupport will not be assigned to the corresponding structure. Therefore, simply free the allocated pointer in case ...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: macsec: Fixed the UAF bug related to realdev. A new macsec device was created, but there was no reference to realdev. This does not ensure that realdev is freed after the macsec device is removed. This will trigger the UAF bug...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A vulnerability was discovered in vhostnewmsg in drivers/vhost/vhost.c within the Linux kernel. This issue arises due to the improper initialization of memory in messages transmitted between virtual guests and the host operating system, as implemented in the vhostnewmsg function. This vulnerabili...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: rbd: Avoid use-after-free in dorbdadd, when rbddevcreate fails. If obtaining an ID or setting up a work queue in rbddevcreate fails, a use-after-free occurs on rbddev-rbdclient, rbddev-spec, and rbddev-opts in dorbdadd. The root...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - ice: Fixed the KASAN error in the LAG NETDEVUNREGISTER handler. Currently, the same handler is called for both the NETDEVBONDINGINFO LAG unlink notification and the NETDEVUNREGISTER call. This causes problems, as the...

Astra Linux - уязвимость в espeak-ng

It was discovered that Espeak-ng 1.52-dev contains a buffer overflow issue due to a function called SetUpPhonemeTable in the synthdata.c file...

Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: fixed a memory leak in cachefilesaddcache The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== Unreferenced object...

PT-2026-42374

DevGuard has an unauthenticated identity assertion via X-Admin-Token header in github.com/l3montree-dev/devguard...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021602)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021602 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 net: lapbether: only support...