CVE-2026-53290

The CVE-2026-53290 issue affects the Linux kernel driver path drm/xe/eustall. The vulnerability arises when drm_dev_put() is called before the stream is disabled and resources freed in xe_eu_stall_stream_close(), which can drop the last reference and lead to use-after-free as the cleanup accesses...

CVE-2026-53193

An ALSA timer vulnerability in the Linux kernel: when snd_timer is freed with pending snd_timer_instance objects, slave instances may still point to the freed timer, risking a user-after-free. The fix forces snd_timer_close_locked for each pending timer instance and adds a SNDRV_TIMER_IFLG_DEAD c...

CVE-2026-53193

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

EUVD-2026-38893

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...

JLSEC-2026-618 HTTP/1 request smuggling via bare-LF, lenient chunk size, and TE/CL handling in HTTP.jl server

Description The HTTP/1 server request parser had three framing primitives that could make HTTP.jl disagree with a fronting proxy about message boundaries on a reused keep-alive connection. 1 readlinecrlf tolerated a bare LF on its buffered fast path but required CRLF on the slow path, so the...

kernel: can: isotp: fix tx.buf use-after-free in isotp_sendmsg()

A flaw was found in the Linux kernel's Controller Area Network CAN ISO-TP isotp module. This vulnerability, known as a use-after-free, occurs when the system attempts to free a memory region while it is still being used. A local attacker could trigger this condition by sending a signal that...

GHSA-9PPP-W3G4-FH4Q Oj: Use-After-Free in Oj::Doc Iterators via Reentrant Close

Summary Oj::Doc iterators eachvalue, eachchild, eachleaf are vulnerable to a heap use-after-free. When a Ruby block yielded during iteration calls doc.close or d.close, the document's heap memory is freed while the C iterator is still running. When control returns from the block, the iterator rea...

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: tee, amdtee: fixed the use-after-free vulnerability in amdteeclosesession. There is a potential race condition in amdteeclosesession that may cause a use-after-free in amdteeopenSession. For example, if a session has a referen...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: Fixed the issue where the host would hang during device reboot. When the host loses heartbeat messages from the device, the driver calls the device-specific ndostop function, which frees the resources. If the driver is...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: fixed a race condition between delayedwork and cephmoncstop The way delayed work is handled in cephmoncstop is prone to races with monfault, and possibly also finishhunting. Both of these can requeue the delayed work,...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: filelock: Removes locks reliably when a race between fcntl/close operations is detected. When the fcntlsetlk operation races with the close operation, the created lock is removed using dolockfilewait. However, LSMs may allow t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed an oops due to uninitialized variables in smb2unlink. If SMB2openinit or SMB2closeinit fails e.g., due to reconnection, the iovs structure @rqst may remain uninitialized. As a result, calling SMB2openfree,...

Astra Linux – Vulnerability in openimageio

A denial-of-service vulnerability exists in the DPXOutput::close function of the OpenImageIO Project, version 2.4.4.2. A specially crafted ImageOutput object can lead to a null pointer dereferencing issue. An attacker can provide malicious input to trigger this vulnerability...

Astra Linux – Vulnerability in Linux

A issue was discovered in the Linux kernel before version 5.10. The file drivers/infiniband/core/ucma.c contains a use-after-free, as the context of the ctx variable is accessed through ctxlist in certain situations where ucmamigrateid is called, specifically when ucmaclose is invoked. This issue...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed double-release of the compute pasid. If kfdprocessdeviceinitvm returns an error after the vm is converted to a compute vm and vm-pasid is set to compute pasid, KFD will not take the pdd-drmfile reference. As a...

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allows exposure of file descriptors to an unintended control sphere, because rdainterpret uses a privileged pipe without the closeonexec flag...

Astra Linux – Vulnerability in openimageio

There is an information disclosure vulnerability in the DPXOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput object can lead to the leakage of heap data. An attacker can provide malicious input to trigger this vulnerability...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed a race condition between element replacement and close. The element replacement with a socket that is different from the one stored may race with the close operation, where the link of the socket is popped...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/core: The handling of buffer mapping fails correctly in perfmmap. After a buffer is successfully allocated or attached to an existing buffer, perfmmap attempts to map the buffer into the page table in read-only mode. If this...