1008 matches found
EUVD-2026-39223
In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi-syncdecompress zerofsdecompresskickoff can race with filesystem unmount, causing a use-after-free on sbi-syncdecompress. When I/O completes, zerofsendio calls zerofsdecompresskickoff to queue...
EUVD-2026-39210
In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...
CVE-2026-53243
The CVE-2026-53243 entry describes a Linux kernel issue in rseq_exit_user_update() where an uninitialized stack variable is used during initialization of ids in the rseq_ids struct. The bug arises because the inline initialization of struct rseq_ids ids can evaluate cpu_to_node(ids.cpu_id) before...
CVE-2026-53135
CVE-2026-53135: Linux kernel drm/amd/display SDP debugfs vulnerability fixed. The function dp_sdp_message_debugfs_write() dereferenced connector->base.state->crtc without NULL checks, which could occur when a connector is connected but not bound to a CRTC (e.g., after hot-plug). This caused...
CVE-2026-57589
sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...
EUVD-2026-38821
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix oops due to out of scope access Below oops triggers when kill QEMU process: Oops: general protection fault, probably for non-canonical address 0x7fffffff844eaaa7: 0000 1 SMP NOPTI Call Trace: dorawspinlock+0xaa/0x...
kernel: RDMA/iwcm: Fix workqueue list corruption by removing work_list
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA Internet Wide Area RDMA Protocol iWARP subsystem. Incorrect work submission logic in the iwcm component can lead to multiple queueing of work items. This allows a work item to be processed and freed while still present in the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail out from dwc3gadgetexit if dwc-gadget is NULL. There exists a possible scenario in which dwc3gadgetinit may fail: during the switch between peripheral and host modes in dwc3setmode, and if a pending gadget...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the inode leak in btrfsiget. BUG There is a bug report that a syzbot reproducer can lead to the following busy inode at unmount time: - BTRFS info device loop1: Last unmount of the filesystem...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: virtio/vsock: Fixed an uninit-value issue in virtiotransportrecvpkt KMSAN reported the following uninit-value access issues: ===================================================== BUG: KMSAN: uninit-value in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: The IOWQBITEXIT check is performed within the work run loop. Currently, this check is performed before running the pending work. Normally, this is completely fine, as the work items either end up blocking other tas...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ice: Fixed a null pointer dereference in icecopyandinitpkg. Added a check on the return value of devmkmemdup to prevent potential null pointer dereferences...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Refresh the inline data size before write operations The cached ei-iInlineSize can become stale between the initial size check and when ext4updateInlineData/ext4createInlineData use it. Although ext4getmaxInlineSize reads t...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tcpbpf: The return value of tcpbpfsendmsg was corrected. When we use the cork mechanism in psock-cork, the last message triggers flushing, resulting in sending a skmsg that is larger than the current message size. In this case, i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: Fixed the issue with VMBUGONPAGEPagePoisonedpage when unpoisoning memory. When I performed memory failure tests, the following panic occurred: Page dumped because: VMBUGONPAGEPagePoisonedpage. Kernel BUG at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid accessing uninitialized curseg. The syzbot reports the following f2fs bug: F2FS-fs loop3: The filesystem stopped due to the reason: 7. kworker/u8:7: Attempt to access beyond the end of the device. Bug: Unable...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ceph: avoided a kernel bug for encrypted inodes with unaligned file sizes The generic/397 test encountered a bug in the case of encrypted inodes with unaligned file sizes for example, 33K or 1K: 877.737811 ran fstests generic/397...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Allow ext4getgroupinfo to fail. Previously, ext4getgroupinfo would treat an invalid group number as a BUG, since this should theoretically never happen. However, if a malicious attacker modifies the superblock via the block...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mm: Fixed a kernel bug where userfaultfdmove encountered swapcache. userfaultfdmove checks whether the PTE entry is present or a swap entry. - If the PTE entry is present, movepresentpte handles folio migration by setting:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: brwifi: brcmfmac – Fixed a potential kernel error when the probe function fails. When the probe of the sdio brwifi brcmfmac device fails for certain reasons e.g., missing firmware, the sdiodev-bus is set to “error” instead ...