SUSE CVE-2026-53282

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Push kjump return address even for non-kjump kexec The version of purgatory code shipped by kexec-tools attempts to look above the top of its stack to find a return address for a kjump, even in a non-kjump kexec. After...

SUSE CVE-2026-53291

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/conexant: Fix missing error check for jack detection In cxprobe, the return value of sndhdajackdetectenablecallback is ignored. This function returns a pointer, and if it fails e.g., due to memory allocation failure, it...

PT-2026-52946

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the pinconf generic parse dt pinmux function where it assumes the pinmux property is not empty when present. If the pinmux property is empty, the allocator returns a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ICE: Avoid crashes due to unnecessary IDA frees. In the “remove path”, there is an attempt to free the auxidx IDA, regardless of whether it was allocated or not. This could potentially cause a crash when unloading the driver on...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: octeonep VF: Fixed the issue where the devid used in the freeirq function did not match the original devid during the IRQ rollback process. The octepvfrequestirqs function requests MSI-X queues for IRQs with the devid set to...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix bridge mode operations when there are no VFs Currently, attempting to set the bridge mode attribute when numvfs=0 leads to a crash: bridge link set dev eth2 hwmode vepa 168.967392 BUG: kernel NULL pointer dereferenc...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipmr: Do not call mrmfcusesdev for unres entries syzbot discovered that calling mrmfcusesdev for unres entries could cause a crash 1. This is because c-mfcun.res.minvif/c-mfcun.res.maxvif aliases “struct skbuffhead unresolved”,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: pdscore: Handling of unsupported PDSCORECMDFWCONTROL results If the firmware does not support the PDSCORECMDFWCONTROL command, the driver may, at least, print garbage output. In the worst case, it may crash when the user runs the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU. The runtime PM suspend callback does not know whether the IRQ handler is in progress on a different CPU core and therefore does not wait for it to finish. Dependi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Added mutual exclusion in procsctpdoudpport. We must serialize calls to sctpudpsockstop and sctpudpsockstart, or risk a crash, as syzbot reported: Oops: General protection fault, likely due to a non-canonical address...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rtl818x: Prevent using not initialized queues Using queues that do not exist can cause the kernel to panic with rtl8180/rtl8185 cards. For these cards, ignore the skb priority; they only have one tx queue. Pierre Asselin...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf,perf: Fixed an invalid progarray access in perfeventdetachbpfprog Syzbot reported a crash that occurs in the following tracing scenario: - Create a tracepoint with attr.inherit=1, attach it to the process, and set the BPF...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/smc: Check smcdv2extoffset when receiving a proposal message. When receiving a proposal message from the server, the smcdv2extoffset field in the proposal message comes from the remote client, and cannot be fully trusted. Onc...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In media: iris: gen2, a sanity check for session termination was added. In iriskillsession, inst-state is set to IRISINSTERROR, and sessionclose is executed, which will free memory allocated to insthfigen2-packet. If stopstreamin...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ethtool: checks whether the device is present when obtaining link settings. A sysfs reader may race with a device that is reset or removed, attempting to read the device’s state when the device is not actually present. For exampl...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix for crashes occurring upon reactivation of the regular task queue rq. When the regular task queue is reactivated after the XSK socket is closed, it may read stale cancellation requests cqes, which can eventual...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Fix handling of zero block length packets When connecting to a Linux host with CDCNCMNTBDEFSIZETX set to 65536, it was observed that we receive short packets, which sometimes occur at intervals of 5–10 seconds...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: - media: v4l2-subdev: Fixed an issue with the check for allocation failures in v4l2subdevcallstatetry. The v4l2subdevcallstatetry macro uses v4l2subdevstatealloc to allocate a subdev state, but does not check the returned valu...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Do not access invalid sched. Since 2320c9e6a768 “drm/sched: memset ‘job’ in drmschedjobinit”, accessing job-base.sched can produce unexpected results, as the initialization of job-base.sched during amdgpujoballoc is...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sctp: Check the send stream number after waitforsndbuf This patch addresses a corner case where the number of out streams may change after waitforsndbuf is called. When the main thread in the client initiates a connection, if the...