Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so it isn’t under RCU. Using skdstgetsk-dev could trigger a Use-After-Forgiving UAF error. Let’s use skdstget and dstdevrcu...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu – fixed a buffer overflow issue in the hwdep read function for DSP events. The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, especially when the user provided a...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Networks: Bridge: MST: Fixed suspicious RCU usage in brmstsetstate. I converted brmstsetstate to RCU to avoid a vlan use-after-free, but I forgot to change the vlangroupdereferencehelper. I switched to using the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm: Do not attempt to NUMA-migrate COW pages that have other uses. Oded Gabbay reported that enabling NUMA balancing causes corruption in his Gaudi accelerator test. He described the situation as follows: “All the details are in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: raw: Fixed NULL dereference in rawgetnext. Dae R. Jeong reported a NULL dereference in rawgetnext. It seems that the reproduction test was running these sequences in parallel, so one thread was iterating over a socket that was...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read from and write to shared, unencrypted memory directly. This may lead to the leakage of information, as well as allowing the host to tamper with the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-multipath: fixed the suspicious RCU usage warning When I run the NVME over TCP test in virtme-ng, I receive the following “suspicious RCU usage” warning in nvmempathaddsysfslink: ''' 5.024557 T44 nvmet: Created nvm...

Astra Linux – Vulnerability in node-es5-ext

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. This vulnerability has been fixed in v0.10.63...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: CFI: Fixed the use of cfislowpathdiag with cpuidle. The use of RCUNONIDLE during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path. WARNING: CPU: 1, PID: 0, at kernel/rcu/tree.c:613, rcueqsenter+0xe4/0x1...

Astra Linux – Vulnerability in libsdl2

SDL Simple DirectMediaLayer from version 2.0.12 has an integer overflow issue, which leads to heap corruption when using SDLBlitCopy in the video/SDLblitcopy.c file, due to a specially crafted .BMP file...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the ice module, the value of fragsize in the XDP RxQ information was changed from the DMA write length to xdp.framesz. The only user of the fragsize field in the XDP RxQ information is bpfxdpfragsincreasetail. This function...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: Handle the mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing calls to sendpage and sendmsgMSGZEROCOPY using the same TCP socket would trigger the infamous warning in inetsockdestruct. c WARNONskforwardallocgetsk;...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ovl: The WARNON message was removed from the ovlverifyarea function. The syzbot botnet encountered an assertion issue within the copyupdata loop. This issue appears to be caused by a lower file whose size is being changed under...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/packet: fixed a slab-out-of-bounds access in packetrecvmsg syzbot found that when an AFPACKET socket uses PACKETCOPYTHRESH and mmap operations, tpacketrcv queues skbs with garbage in skb-cb, causing an excessive copy 1...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the cleanup flow for mlx5eprivinit. When mlx5eprivinit fails, the cleanup flow calls mlx5eselqcleanup, which in turn calls mlx5eselqapply. This ensures that priv-statelock is held using lockdepisheld. The statelo...

Astra Linux - уязвимость в libssh

A malicious SCP server can send unexpected commands that may cause the client application to override local files outside of the working directory. This could be exploited to create malicious executable or configuration files, causing the user to execute them with specific consequences. This is t...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copyfail-check Shell scripts to detect Linux kernel vulnera...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFail Guard text...

linux-copy-fail-exploit

CVE-2026-31431 Copy Fail - LPE Exploit PoC !Pythonhttps:...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Copy Fail Detection Tool A comprehensive det...