Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed handling of connection failures In cases where immediate MPA Media Plane API request processing fails, the newly created endpoint unlinks from the listening endpoint and becomes ready to be dropped. This special...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fixed the issue of information leakage due to DMAFROMDEVICE. The problem I’m addressing was discovered during the LTP test covering cve-2018-1000204. A brief description of what happens is as follows: 1 The test case sen...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: spacemit: Fix error handling in emactxmemmap The DMA mappings were exposed due to mapping errors. These mappings can now be freed using the existing emacfreetxbuf function...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mmc: jz4740: Apply DMA engine limits to maximum segment size Follow the approach used in other DMA-enabled MMC host drivers see host/mmci.c, and limit the maximum segment size based on the capabilities of the DMA engine. This is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fixed the issue of releasing the DMA channel in stm32spdifrxRemove. In case of an error when requesting the ctrlchan DMA channel, the pointer to ctrlchan is not null. Therefore, releasing the DMA channel lea...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: lltemac: Ensure that the skb is freed when it is completely used. By using the TX BD to track the skb pointer, we can efficiently free the skb buffer after a frame has been transmitted. However, to avoid freeing the skb whil...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Media: PCI: cx23885: Fixed error handling in cx23885initdev When the driver fails to call dmasetmask, the driver will encounter the following error: 55.853884 BUG: KASAN: Use-after-free in processremoveddriver+0x3c/0x240 55.85448...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firmware: armffa – Set dmamask for FFA devices. Setting dmamask for FFA devices is necessary; otherwise, DMA allocation using the device pointer may lead to the following warning: WARNING: CPU: 1, PID: 1, at...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xdp: generate a warning when the calculated tailroom is negative Many Ethernet drivers report that the xdp Rx queue frag size is the same as the DMA write size. However, the only user of this field, namely bpfxdpfragsincreasetail...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dma-debug: fixed a possible deadlock in radixlock. radixlock should not be held while holding dmahashentryidx.lock. Otherwise, a deadlock scenario may occur when the dma debug API is called while holding rqlock: CPU0 CPU1 CPU2...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/rds: fixed the possible null dereference of cp The cp parameter may be null. Calling cp-cpconn would result in a null dereference. Simon Horman adds: Analysis: cp is a parameter of rdsrdmamap and is not reassigned. The...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23033)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dmapool resource leak in error paths The dmapool created by dmapoolcreate is not destroyed when dmaasyncdeviceregister or ofdmacontrollerregister fails, causing a resource leak in the probe error paths. A...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-71191)

In the Linux kernel, the following vulnerability has been resolved: dmaengine: athdmac: fix device leak on ofdmaxlate Make sure to drop the reference taken when looking up the DMA platform device during ofdmaxlate when releasing channel resources. Note that commit 3832b78b3ec2 dmaengine: athdmac:...

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

kernel: RDMA/rxe: Fix double free in rxe_srq_from_init

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...

SUSE-SU-2026:2332-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-31629: nfc: llcp: add missing return after LLCPCLOSED checks bsc1263790. - CVE-2026-43037: ip6tunnel: clear skb2-cb in ip4ip6err bsc1263995. - CVE-2026-43206:...