CVE-2026-45876

arm64/gcs: Fix error handling in archsetshadowstackstatus...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efirtlock a rawspinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: A sleeping function is called from an invalid context at kernel/locking/spinlockrt.c:46 inatomic: 1...

CVE-2026-34971

Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...

LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64

...

CVE-2026-23346 arm64: io: Extract user memory type in ioremap_prot()

In the Linux kernel, the following vulnerability has been resolved: arm64: io: Extract user memory type in ioremapprot The only caller of ioremapprot outside of the generic ioremap implementation is genericaccessphys, which passes a 'pgprott' value determined from the user mapping of the target...

CVE-2026-23345

In the Linux kernel, the following vulnerability has been resolved: arm64: gcs: Do not set PTESHARED on GCS mappings if FEATLPA2 is enabled When FEATLPA2 is enabled, bits 8-9 of the PTE replace the shareability attribute with bits 50-51 of the output address. The PAGEGCS,RO definitions include th...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004107)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004107 advisory. An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system...

CVE-2025-71110

In the Linux kernel, the following vulnerability has been resolved: mm/slub: reset KASAN tag in deferfree before accessing freed memory When CONFIGSLUBTINY is enabled, kfreenolock calls kasanslabfree before deferfree. On ARM64 with MTE Memory Tagging Extension, kasanslabfree poisons the memory an...

CVE-2022-50614

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix pciendpointtestcopy,write,read panic The dmamapsingle doesn't permit zero length mapping. It causes a follow panic. A panic was reported on arm64: 60.137988 ------------ cut here ------------ 60.142630...

USN-7909-4 linux-gcp, linux-gke, linux-gkeop vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...

CVE-2023-53726 arm64: csum: Fix OoB access in IP checksum code for negative lengths

In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c "arm64: csum: Fix pathological zero-length calls" added an early return for zero-length input, syzkaller has popped up with an...

CVE-2023-53713

CVE-2023-53713 affects the Linux kernel on arm64 with SME in streaming SVE mode. The vulnerability arises from clearing the FFR context field using an unconditional 8-byte store, which may fail to clear the entire field or corrupt memory if the SME vector length is not 64 bytes. The fix replaces ...

CVE-2023-53634 bpf, arm64: Fixed a BTI error on returning to patched function

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fixed a BTI error on returning to patched function When BPFTRAMPFCALLORIG is set, BPF trampoline uses BLR to jump back to the instruction next to call site to call the patched function. For BTI-enabled kernel, the...

FreeBSD : OpenSSL -- multiple vulnerabilities (00e912c5-9e92-11f0-bc5f-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 00e912c5-9e92-11f0-bc5f-8447094a420f advisory. The OpenSSL project reports reports: Out-of-bounds read & write in RFC 3211 KEK Unwrap Timing...

OpenSSL 3.4.0 < 3.4.3 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.4.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.3 advisory. - Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm...

CVE-2025-39804 lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit a59e5468a921 "crypto: arm64/poly1305 - Add block-only interface". This safety check is cheap and ...

kernel security update

4.18.0-553.69.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

CVE-2025-8028

On arm64, a WASM brtable instruction with a lot of entries could lead to the label being too far from the instruction causing truncation and incorrect computation of the branch address. This vulnerability affects Firefox 141, Firefox ESR 115.26, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird...

OESA-2025-1823 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g...

UBUNTU-CVE-2023-53043

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent If the controller is not marked as cache coherent, then kernel will try to ensure coherency during dma-ops and that may cause data corruption. So, mark the PCIe nod...