335 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Free routing table on probe failure If complete is set to true in dsatreesetup, it means that we are the last switch in the tree that is being probed successfully. We should then set up all switches along our probe path...
CVE-2026-52910
In the Linux kernel, the following vulnerability has been resolved: bpf: Free reuseport cBPF prog after RCU grace period. Eulgyu Kim reported the splat below with a repro. 0 The repro sets up a UDP reuseport group with a cBPF prog and replaces it with a new one while another thread is sending a U...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fixed a use-after-free in bpfxdplinkrelease. The issue occurs between devgetbyindex and devxdpattachlink. At this point, devxdpuninstall is called. As a result, the xdp link will not be automatically detached when the...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: blk-cgroup: fixed a UAF vulnerability by acquiring the blkcg lock before destroying the blkg. KASAN reports a use-after-free issue during the fuzz test: 693354.104835...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: block, bfq: fixed the UAF in wakerbfqq after bfqsplitbfqq Our syzkaller report identifies the following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfqinitrq+0x175d/0x17a0 block/bfq-iosched.c:6958 A size 8 read at address...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubi: Fixed a use-after-free issue when volume resizing failed. There is a use-after-free problem reported by KASAN: ========================================= BUG: KASAN: Use-after-free in ubiebacopytable+0x11f/0x1c0 ubi A read of...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubifs: Authentication: Fixed a use-after-free in ubifstncendcommit. After an insertion in TNC, the tree may split, causing a node to change its znode-parent. Further deletions of other nodes in the tree which could also free thos...
OESA-2026-2492 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate buffer length while parsing index indxread is called when we have some NTFS directory operations that need more information from the index...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the issue “KASAN: slab-use-after-free Read in ibdevicerename”. Call Trace: dumpstack: lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0: lib/dumpstack.c:120 printaddressdescription: mm/kasan/report.c:408 inline...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed null-ptr-deref in l2capsockresumecb. syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar issue that was fixed in commit 1bff51ea59a9 “Bluetooth: fixed use-after-free errors i...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoided invalid memory access via nodeonlineNUMANONODE. KASAN reports: 4.668325 T0 BUG: KASAN: wild-memory-access in dmarparseonerhsa arch/x86/include/asm/bitops.h:214, arch/x86/include/asm/bitops.h:226,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: vivid: The size of the composition has been changed. syzkaller discovered a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern, drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN:...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: The issue involves bcm: – a UAF Use-After-Free flaw in bcmprocshow. Bug: KASAN: A slabuse-after-free issue occurs in bcmprocshow+0x969/0xa80. A size 8 data block was read from address ffff888155846230 by the task cat/7862. CPU: 1...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs entries past the “end” entry. Once inside ‘ext4xattrinodedecrefall’, we should ignore xattrs entries that are located after the “end” entry. This fixes the following issue reported by KASAN: BUG: KASAN:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: iommu: Fixed potential use-after-free during probe KASAN has reported the following use-after-free in dev-iommu: When a device probe fails and the dev-iommu is being freed. In the deviommufree function, deferredprobeworkfunc...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed a possible “use-after-free” issue in ftracelocation. KASAN reports a bug: BUG: KASAN: use-after-free in ftracelocation+0x90/0x120 Reading an 8-byte value at address ffff888141d40010 by task insmod/424 CPU: 8 PID:...
Linux Distros Unpatched Vulnerability : CVE-2026-43015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note...
CVE-2026-43015
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...
CVE-2026-31636
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgkverifyauthenticator copies authlen bytes into a temporary buffer and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator. Since p is a be32 , that inflate...
EUVD-2026-24892
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref on l2capsockreadycb Before using sk pointer, check if it is null. Fix the following: KASAN: null-ptr-deref in range 0x0000000000000260-0x0000000000000267 CPU: 0 UID: 0 PID: 5985 Comm:...