1008 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - Ice: Fixed the KASAN error in the LAG NETDEVUNREGISTER handler. Currently, the same handler is called for both the NETDEVBONDINGINFO LAG unlink notification and the NETDEVUNREGISTER call. This causes a problem, as the...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed the bug in estreesearch Hulk Robot reported a BUG: kernel BUG at fs/ext4/extentsstatus.c:199! ... RIP: 0010:ext4esend fs/ext4/extentsstatus.c:199 inline RIP: 0010:estreesearch+0x1e0/0x260 fs/ext4/extentsstatus.c:21...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Add addpages override for PPC With commit ffa0b64e3be5 "powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit" the kernel now validate the addr against highmemory value. This results in the below BUGON with da...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an uninitialized value in ‘ext4evict inode’. Syzbot identified the following issue: ===================================================== BUG: KMSAN: Uninitialized value in ext4evict inode+0xdd/0x26b0,...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: hamradio: Fixed a memory leak in mkissclose. My local syzbot instance encountered a memory leak in mkissopen1. The issue arose from the missing freenetdev call in mkissclose. In mkissopen, netdevice is allocated and then...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed the issue where a new block group that becomes unused after creation could be reclaimed by using “use-after-free” behavior. If a task creates a new block group and that block group becomes unused before its creation ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm/slub: Fixed the issue by returning errno if kmalloc fails. In createuniqueid, kmalloc, GFPKERNEL may fail due to out-of-memory conditions. If this happens, errno should be returned correctly instead of triggering a panic via...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: Make sure to wait for page writeback in memoryfailure. Our syzkaller triggers "BUGON!listempty&inode-iwblist" in clearinode: - Kernel bug at fs/inode.c:519! - Internal error: Oops – Bug: 0 1 SMP - Modules linke...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: f2fs: Ensure that node page reads are completed before f2fsputsuper finishes. The Xfstests generic/335 and generic/336 tests sometimes crash with the following message: F2FS-fs dm-0: Detect a reference count leak in the filesyste...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fixed the issue where immediate work requests were flushed to the completion queue prematurely. The opcode of the send queue element was correctly set during the flushing of immediate work requests in the post-sendqueue...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Proper initialization of the struct pn533outarg structure. The struct pn533outarg, which serves as a temporary context for outurb, is not initialized properly. Its uninitialized ‘phy’ field can be dereferenced in erro...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed a failure to detect corruption of DAT files in btree and direct mappings. The patch series is titled “nilfs2: Fix kernel bug at submitbhwbc”. This resolves a kernel bug reported by syzbot. Since there are two...
Linux Distros Unpatched Vulnerability : CVE-2026-43046
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use...
CVE-2026-43046
CVE-2026-43046 affects the Linux kernel, specifically btrfs relocation logic where a non-zero drop_progress with drop_level == 0 can be observed in a read-back root_item. The root_item invariant is now validated in the tree-checker when reading from disk: if drop_progress.objectid is non-zero, dr...
CVE-2026-43046 btrfs: reject root items with drop_progress and zero drop_level
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...
CVE-2026-43046
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject root items with dropprogress and zero droplevel BUG When recovering relocation at mount time, mergerelocroot and btrfsdropsnapshot both use BUGONlevel == 0 to guard against an impossible state: a non-zero dropprogre...
CVE-2026-43027 netfilter: nf_conntrack_helper: pass helper to expect cleanup
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackhelper: pass helper to expect cleanup nfconntrackhelperunregister calls nfctexpectiteratedestroy to remove expectations belonging to the helper being unregistered. However, it passes NULL instead of the help...
CVE-2026-43012
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...
CVE-2026-43006 io_uring/rsrc: reject zero-length fixed buffer import
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the check uses strict greater-than bufend imu-ubuf + imu-len. ioimportfixe...
CVE-2026-31702
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fscompresswriteendio In f2fscompresswriteendio, decpagecountsbi, type can bring the F2FSWBCPDATA counter to zero, unblocking f2fswaitonallpages in f2fsputsuper on a concurrent unmount CPU. The...