CVE-2026-55838

CVE-2026-55838 (RustFS) : In versions up to 1.0.0-beta.7, the real-time metrics endpoint /rustfs/admin/v3/metrics is accessible to any valid IAM user, because MetricsHandler skips the admin-request validation that other admin handlers perform. As a result, a user whose policy allows only their ow...

EUVD-2026-39886

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption Commit 60f030f7418d "iommu/vt-d: Avoid use of NULL after WARNONONCE" fixed a NULL pointer dereference in an unlikely situation partly. If devpasid is not found in...

CVE-2026-0828 Kernel driver vulnerability in Safetica Endpoint Client

Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes...

CVE-2026-52952

A flaw was found in the Linux kernel's Input/Output Memory Management Unit IOMMU subsystem, which manages how devices access system memory. A race condition, a situation where multiple operations occur in an unpredictable order, exists during device recovery when multiple memory domains are being...

EUVD-2026-39256

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

CVE-2026-53133

The CVE-2026-53133 issue affects the Linux kernel RDMA/umem path where, when IOMMU is used, a single very large block can be split across multiple SG entries. During reassembly in __rdma_block_iter_next(), 32-bit stack values can overflow, leading to incorrect DMA addresses for blocks after trunc...

CVE-2026-53124

A flaw was found in the ublk subsystem of the Linux kernel. When a ublk server fails to complete all I/O input/output operations, a per-I/O cancellation flag may remain set. This prevents the successful cancellation of outstanding I/O commands, potentially leading to resource exhaustion or a deni...

CVE-2026-53123

A flaw was found in the Linux kernel's Multiple Device MD driver, specifically within the raid456 reshape functionality. A local user could trigger a deadlock by freezing the reshape process and writing to the md/suspendlo or md/suspendhi files while direct I/O operations are in progress. This...

CVE-2026-56129

Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory...

EUVD-2026-38991

In the Linux kernel, the following vulnerability has been resolved: md: wake raid456 reshape waiters before suspend During raid456 reshape, direct IO across the reshape position can sleep in raid5makerequest waiting for reshape progress while still holding an activeio reference. If userspace then...

CVE-2026-53123

The CVE relates to the Linux kernel md subsystem during raid456 reshape. If a direct IO operation crosses the reshape boundary, raid5_make_request() can sleep while an active_io reference is held. If userspace freezes reshape and triggers mddev_suspend(), the code kills active_io and waits for in...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: Fixed races between hole punching and AIO+DIO. After the commit “ocfs2: return real error code in ocfs2diowrgetblock”, fstests/generic/300 now sometimes fail instead of always failing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: The IOWQBITEXIT check is performed within the work run loop. Currently, this check is performed before running the pending work. Normally, this is completely fine, as the work items either end up blocking other tas...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reference skb after sending it to VIOS. Previously, after successfully flushing the xmit buffer to VIOS, the txbytes stat was incremented by the length of the skb. It is invalid to access the skb memory after...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: genirq/msi: The IOMMU IOVA is now stored directly in the msidesc, rather than in the iommucookie. The process of translating MSI message addresses using IOMMU involved two steps, separated in time: 1 iommudmapreparemsi: A pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: A overflow issue was identified in IOMMUTESTOPADDRESERVED. syzkaller discovered that this could lead to an overflow in the test infrastructure and cause a WARN message by corrupting the reserved interval tree...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: The notifiers shared by the PCI and VIO buses were fixed. The failiommusetup function registers the failiommubusnotifier struct for both PCI and VIO buses. The struct notifierblock is a linked-list node, which mean...

Astra Linux - Vulnerability in Golang-1.19

On Unix platforms, the Go runtime behaves differently when a binary is run with the setuid/setgid bits enabled. This can be dangerous in certain situations, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standa...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Firmware: qcom: uefisecapp: Fixed memory-related IO errors and crashes. It turns out that while the QSEECOM APPSEND command has specific fields for the request and response buffers, uefisecapp expects both to be in a single memor...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: dm: fixed a NULL pointer race issue when completing IO operations. The dmiodecpending function calls endioacct first, and then decreases the number of pending DMA operations. However, if a task swaps the DM table at the same...