CVE-2026-46223

In the Linux kernel, the following vulnerability has been resolved: cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant that a subsystem's -cssoffline must not run while tasks are still doin...

EUVD-2026-32850

In the Linux kernel, the following vulnerability has been resolved: cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant that a subsystem's -cssoffline must not run while tasks are still doin...

CVE-2026-46170

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: free sk if last When an ADDADDR is retransmitted, the sk is held in skresettimer, and released at the end. If at that moment, it was the last reference being held, the sk would not be freed. sockput should...

SUSE CVE-2026-46008

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoswalk vs kdamondfn exit race When kdamondfn main loop is finished, the function cancels remaining damoswalk request and unset the damonctx-kdamond so that API callers and API functions themselves can show t...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: i2c: lpi2c: Avoid calling clkgetrate during transfer Instead of repeatedly calling clkgetrate for each transfer, lock the clock rate and cache the value. A deadlock was observed when adding the tlv320aic32x4 audio codec to the...

EUVD-2026-28555

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

CVE-2026-43446

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workqueue before suspending the device. If a job is still executing and calls pmruntimeresumeandget, it can...

CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

CVE-2026-43216

Summary of CVE-2026-43216 : In the Linux kernel, skb_may_tx_timestamp() could acquire sock::sk_callback_lock in IRQ context, risking a deadlock if the lock was already write-locked on the same CPU. The fix drops the lock and uses READ_ONCE() / WRITE_ONCE() to safely access and clear the pointers ...

PT-2026-37467

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in run unpack ex Syzbot reported a circular locking dependency between wnd-rw lock sbi-used.bitmap and ni-file.run lock. The deadlock scenario: 1. ntfs extend mft takes ni-file.run lock then...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: afbluetooth: Fix deadlock Attemting to do socklock on .recvmsg may cause a deadlock as shown bellow, so instead of using socksock this uses skreceivequeue.lock on btsockioctl to avoid the UAF: INFO: task kworker/u9:1:1...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUNRESET handling This fixes a bug where an initiator thinks a LUNRESET has cleaned up running commands when it hasn't. The bug was added in commit 51ec502a3266 "target: Delete tmr from list before...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: Always flush async PF workqueue when vCPU is being destroyed Always flush the per-vCPU async PF workqueue when a vCPU is clearing its completion queue, e.g. when a VM and all its vCPUs is being destroyed. KVM must ensure tha...

CVE-2026-31486

The CVE-2026-31486 entry concerns the Linux kernel hwmon/pmbus/core regulator operations (get_voltage, set_voltage, list_voltage) not being mutex-protected, risking race conditions when accessing PMBus registers and shared data. The fix reworks pmbus_regulator_notify() to perform notifications vi...

Linux Distros Unpatched Vulnerability : CVE-2026-31486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwmon: pmbus/core Protect regulator operations with mutex The regulator operations pmbusregulatorgetvoltage, pmbusregulatorsetvoltage, and...

net: phy: register phy led_triggers during probe to avoid AB-BA deadlock

...

CVE-2026-23368

In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy ledtriggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDSTRIGGERNETDEV and LEDTRIGGERPHY are enabled: 1362.049207 ledtriggerregister+0x5c/0x1fc...

CVE-2025-71233

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Avoid creating sub-groups asynchronously The asynchronous creation of sub-groups by a delayed work could lead to a NULL pointer dereference when the driver directory is removed before the work completes. The crash...

f2fs: fix to avoid potential deadlock

...