231 matches found
CVE-2026-52942
In the Linux kernel, the following vulnerability has been resolved: netfilter: nflog: validate MAC header was set before dumping it The fallback path of dumpmacheader guards the MAC header access only with "skb-macheader != skb-networkheader", without checking skbmacheaderwasset. When the MAC...
UBUNTU-CVE-2026-52942
In the Linux kernel, the following vulnerability has been resolved: netfilter: nflog: validate MAC header was set before dumping it The fallback path of dumpmacheader guards the MAC header access only with "skb-macheader != skb-networkheader", without checking skbmacheaderwasset. When the MAC...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsidebug: Fixed the type of mint to avoid stack out-of-bounds situations. Changed mint to use the type “u32” instead of “int” to prevent stack out-of-bounds conditions. When mint uses the “int” type, values are...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Split the initial and dynamic conditions for extentcache. We need to allocate the extentcache tree without dynamic conditions to avoid a panic caused by a missing condition, as shown below. Create a file with a compresse...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by dosubmiturb There are UAF bugs caused by dosubmiturb. One of the KASan reports is shown below: 36.403605 BUG: KASAN: use-after-free in workerthread+0x4a2/0x890 36.406105 Read o...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: wilc1000: using vmmtable as an array in the wilc struct. Enabling KASAN and running some iperf tests causes some memory issues related to vmmtable. Bug: KASAN: Out-of-bounds write in wilcwlanhandletxq+0x6ac/0xdb4. A size of...
Linux Distros Unpatched Vulnerability : CVE-2026-46116
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load ...
EUVD-2026-32875
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k: Update the channel list in the notifier instead of using the reg worker Currently, when ath11k receives a new channel list, it processes it according to the following steps: 1. Update the new channel list to cfg8021...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, there is a fix for a use-after-free of sk-sksocket in skpsockverdictdataready. The syzbot reported a use-after-free of the sk-sksocket of an AFUNIX socket in skpsockverdictdataready. 0 In the unixstreamsendmsg...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller, we encounter an out-of-bound error. The specific error message is: “KASAN: slab-out-of-bounds Read in regcacheflatread” The backtrace of the issue i...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: um: Fixed an out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the number of longs, not bytes. ================================================================== BUG: KASAN: Out-of-bounds acces...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4findextent when using bigalloc with inline data. Syzbot identified the following issue: - loop0: A change in capacity was detected, from 0 to 2048. - EXT4-fs loop0: The filesystem...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy; otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/perf: added a sentinel to xehpoabcounters. Arrays passed to reginrangetable should end with an empty record. The patch fixes a bug detected by KASAN with the following signature: BUG: KASAN: global-out-of-bounds in...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ARM: 9381/1: kasan: cleared stale stack poison We have identified the following OOB crash: 33.452494 ================================================================== 33.453513 BUG: KASAN: stack-out-of-bounds in...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfc: pn533: Wait for outurb’s completion in pn533usbsendframe A use-after-free issue occurred in hcd when the inurb sent from pn533usbsendframe was completed earlier than outurb. The callback in pn533sendComplete frees the skb...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/mbox: The payload size is validated before accessing the contents of cxlpayloadfromuserallowed. The cxlpayloadfromuserallowed function casts and dereferences the input payload without first verifying its size. When a raw...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed the sanity check on ixattrnid in sanitycheck inode. syzbot reports a kernel bug as follows: F2FS-fs loop0: Mounted with checkpoint version = 48b305e4 --- Bugs reported by syzbot: - KASAN: Out-of-bounds access in...
SUSE CVE-2026-31699
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...