Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed an issue where the buffer of extents was freed twice. In ext4exttrytomergeup, the path1.pbh was set to NULL after it was released. Otherwise, it might be released twice. An example of what triggers this is as...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed double-release of the compute pasid. If kfdprocessdeviceinitvm returns an error after the vm is converted to a compute vm and vm-pasid is set to compute pasid, KFD will not take the pdd-drmfile reference. As a...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a double release of memory during the error path in the RDMA vmwpvrdma driver’s pvrdmaallocuconte...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the createspaceinfo function in btrfs. This error leads to a double release of spaceinfo...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the txspare pointer in the hns3 network card driver is not cleared after backup,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to clear the erriov and errbuftype fields during the smb2openfile function. This...

PuTTY 资源管理错误漏洞

PuTTY is a suite of free Telnet, Rlogin and SSH client software from the individual developer Simon Tatham. The software is primarily used for remote administration of Linux systems. A resource management error vulnerability exists in PuTTY versions prior to 0.84, which stems from a double releas...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Unnecessary ofnodeput function removed from felixParseportsnode. The unnecessary ofnodeput function was removed from the continue path to prevent a child node from being released twice, which could lead to resource leak...

babl 资源管理错误漏洞

Babl is a GEGL open-source image processing library that supports high-performance pixel format conversion and image data processing. Version 0.1.62 of Babl contains a resource management vulnerability. This vulnerability stems from a failure in the double release detection mechanism. It could...

PoDoFo 资源管理错误漏洞

PoDoFo is a free, portable C++ library open sourced by PoDoFo. Versions of PoDoFo from 1.0.0 to 1.0.4 had a resource management bug. This bug stemmed from a double release in the computehashtosign function. When the EVPDigestFinal function failed after the buf had already been released, the error...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the function qla2x00elsdcmdspfree, where the fcport variable is released twice after the krefput...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from RDMA umem canceling the fixed dmabuf twice in a failed path, potentially leading to resource...

Apache HTTP Server 资源管理错误漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Version 2.4.66 of Apache HTTP Server contains a vulnerability related to resource management...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Unnecessary releasememregion has been removed. The unnecessary releasememregion was removed from the error path to prevent the memregion from being released twice, which could lead to resource leaks or other...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb ulpi driver releasing ulpi again after calling putdevice in the ulpiregisterinterface error path,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the kasanfreepxd function assuming that the page table is always aligned according to struct page...

SUSE CVE-2026-31629

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCPCLOSED checks In nfcllcprecvhdlc and nfcllcprecvdisc, when the socket state is LLCPCLOSED, the code correctly calls releasesock and nfcllcpsockput but fails to return. Execution falls throu...

CVE-2026-31629

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCPCLOSED checks In nfcllcprecvhdlc and nfcllcprecvdisc, when the socket state is LLCPCLOSED, the code correctly calls releasesock and nfcllcpsockput but fails to return. Execution falls throu...

DEBIAN-CVE-2026-31629

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCPCLOSED checks In nfcllcprecvhdlc and nfcllcprecvdisc, when the socket state is LLCPCLOSED, the code correctly calls releasesock and nfcllcpsockput but fails to return. Execution falls throu...

CVE-2026-31629 nfc: llcp: add missing return after LLCP_CLOSED checks

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCPCLOSED checks In nfcllcprecvhdlc and nfcllcprecvdisc, when the socket state is LLCPCLOSED, the code correctly calls releasesock and nfcllcpsockput but fails to return. Execution falls throu...