OESA-2026-2492 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate buffer length while parsing index indxread is called when we have some NTFS directory operations that need more information from the index...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoided invalid memory access via nodeonlineNUMANONODE. KASAN reports: 4.668325 T0 BUG: KASAN: wild-memory-access in dmarparseonerhsa arch/x86/include/asm/bitops.h:214, arch/x86/include/asm/bitops.h:226,...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: Fixed a use-after-free issue when volume resizing failed. There is a use-after-free problem reported by KASAN: ========================================= BUG: KASAN: Use-after-free in ubiebacopytable+0x11f/0x1c0 Reading of si...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: iommu: Fixed potential use-after-free during probe Kasan has reported the following use-after-free on dev-iommu. When a device probe fails and the dev-iommu is being freed, the deferredprobeworkfunc function runs in parallel a...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-cgroup: fixed a UAF vulnerability by acquiring the blkcg lock before destroying the blkg. KASAN reports a use-after-free issue during the fuzz test: 693354.104835...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fixed a use-after-free in bpfxdplinkrelease The issue occurs between devgetbyindex and devxdpattachlink. At this point, devxdpuninstall is called. As a result, the xdp link will not be automatically detached when the...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bcm: Fixed a UAF in bcmprocshow. Bug: KASAN: A “slab-use-after-free” issue occurred in bcmprocshow+0x969/0xa80. A size 8 byte read was performed at address ffff888155846230 by the task cat/7862. CPU: 1; PID: 7862; Comm: cat; Not...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fixed the issue “KASAN: slab-use-after-free Read in ibdevicerename”. Call Trace: dumpstack: lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0: lib/dumpstack.c:120 printaddressdescription: mm/kasan/report.c:408 inline...

Linux Distros Unpatched Vulnerability : CVE-2026-43015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note...

CVE-2026-43015

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platformdeviceunregister may still want to use the registered clks during runtime resume callback. Note that there is a commit d82d5303c4c5 "net: macb: fix use after free on...

CVE-2026-31636

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgkverifyauthenticator copies authlen bytes into a temporary buffer and then passes p + authlen as the parser limit to rxgkdoverifyauthenticator. Since p is a be32 , that inflate...

EUVD-2026-24892

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref on l2capsockreadycb Before using sk pointer, check if it is null. Fix the following: KASAN: null-ptr-deref in range 0x0000000000000260-0x0000000000000267 CPU: 0 UID: 0 PID: 5985 Comm:...

CVE-2026-31500

The CVE-2026-31500 issue affects the Linux kernel Bluetooth Intel btintel driver. A data race allowed two __hci_cmd_sync() paths (HCI_OP_RESET and Intel-exception-info) to run without hci_req_sync_lock, risking concurrent access to hdev->req_status/req_rsp and a slab-use-after-free in kfree_sk...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007450)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007450 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported b...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007511)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007511 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIOTHROTTLED when bio has been throttled 1.In current process, all bio will set...

CVE-2026-23428

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of shareconf in compound request smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks tstate == TREECONNECTED on the initial lookup path, but...

Linux Distros Unpatched Vulnerability : CVE-2026-23378

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actife: Fix metalist update behavior Whenever an ife action replace changes the metalist, instead of replacing the old data on the metalist, the...

UBUNTU-CVE-2025-71234

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxustaadd The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for driver private station data in stainfoalloc. When rtl8xxxustaadd accesses...

CVE-2026-23184

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF in bindernetlinkreport Oneway transactions sent to frozen targets via binderproctransaction return a BRTRANSACTIONPENDINGFROZEN error but they are still treated as successful since the target is expected to thaw a...

kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ibregisterdevice" problem Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:408 inline...