EUVD-2026-38841

In the Linux kernel, the following vulnerability has been resolved: futex: Drop CLONETHREAD requirement for private default hash alloc Currently needfutexhashallocatedefault depends on strict pthread semantics, abusing CLONETHREAD. This breaks the non-concurrency assumptions when doing the...

UBUNTU-CVE-2026-52942

In the Linux kernel, the following vulnerability has been resolved: netfilter: nflog: validate MAC header was set before dumping it The fallback path of dumpmacheader guards the MAC header access only with "skb-macheader != skb-networkheader", without checking skbmacheaderwasset. When the MAC...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach Syzbot reported a use-after-free in tundetach. This causes a call trace like the following: ================================================================== BUG: KASAN: use-after-free i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iouring: fixed the error in pbuf checking Syz reports a problem, which boils down to inconsistent error handling of NULL vs ISERR in ioallocpbufring. KASAN: nullptrderef in the range 0x0000000000000000-0x0000000000000007 RIP:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: perf/core: Fixed an issue where the perfoutputbegin parameter is incorrectly invoked in perfeventbpfoutput. syzkaller reports a issue with a stack-out-of-bounds condition. The call trace is as follows: dumpstack+0x9c/0xd3,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/ipv6: avoided a possible Use After Free UAF in ip6routempathnotify syzbot discovered another use-after-free in ip6routempath Notify. 1 The commit f7225172f25a “net/ipv6: prevent use after free in ip6routempath Notify” fail...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fixed the issue where the RPC client cleaned up the freed pipefs directories. The cleanup of the RPC client’s pipefs directories is handled in the rpcremovepipedir function, which processes the workqueue. This function...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed null-ptr-deref in l2capsockresumecb. syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar issue that was fixed in commit 1bff51ea59a9 “Bluetooth: fixed use-after-free errors i...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: spmi: In the trace function, there was an issue where access to memory was out of bounds. This issue was fixed by using the length “len” instead of “len + 1”. The functions tracespmiwritebegin and tracespmireadend both use memcpy...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller, we encounter an out-of-bound error. The specific error message is: “KASAN: slab-out-of-bounds Read in regcacheflatread” The backtrace of the issue i...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy; otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mediatek: mt8365-dai-i2s: pass the correct size to mt8365daisetpriv In mt8365daisetpriv, it is necessary to allocate privsize space to copy privdata. This means that we should pass mt8365i2sprivi or “struct mtkafei2spriv...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: iommu: Fixed potential use-after-free during probe Kasan has reported the following use-after-free on dev-iommu: When a device probe fails and the dev-iommu is being freed. In the deviommufree function, deferredprobeworkfunc...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the issue “KASAN: slab-use-after-free Read in ibdevicerename”. Call Trace: dumpstack: lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0: lib/dumpstack.c:120 printaddressdescription: mm/kasan/report.c:408 inline...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4findextent when using bigalloc with inline data. Syzbot identified the following issue: - loop0: A change in capacity was detected, from 0 to 2048. - EXT4-fs loop0: The filesystem...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Can: kvaserpciefd: refined error-prone handling of echoskbmax echoskbmax should define the supported upper limit for echoskb, which is allocated within the private space of the netdevice. The corresponding size value provided ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Added a missing terminator for zen5rdseedmicrocode Running x86matchminmicrocoderev on a Zen5 CPU results in a KASAN exception due to an out-of-bounds access...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: bcm: added locking for bcmop runtime updates. The CAN broadcast manager CAN BCM can send a sequence of CAN frames via hrtimer. The content and length of the sequence can be changed during runtime, after which the ‘currframe’...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: fs: udf: Fix for OOB read in lengthAllocDescs handling When parsing the Allocation Extent Descriptor, lengthAllocDescs is derived from disk-based data and must be validated against the block size. Corrupted or crafted images m...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: bfq: fixed a use-after-free in bfqdispatchrequest KASAN reported a use-after-free when performing normal scsi-mq tests 69832.239032 ================================================================== 69832.241810 BUG: KASAN:...