EUVD-2026-39210

In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...

EUVD-2026-38821

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix oops due to out of scope access Below oops triggers when kill QEMU process: Oops: general protection fault, probably for non-canonical address 0x7fffffff844eaaa7: 0000 1 SMP NOPTI Call Trace: dorawspinlock+0xaa/0x...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Bail out from dwc3gadgetexit if dwc-gadget is NULL. There exists a possible scenario in which dwc3gadgetinit may fail: during the switch between peripheral and host modes in dwc3setmode, and if a pending gadget...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the inode leak in btrfsiget. BUG There is a bug report that a syzbot reproducer can lead to the following busy inode at unmount time: - BTRFS info device loop1: Last unmount of the filesystem...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid accessing uninitialized curseg. The syzbot reports the following f2fs bug: F2FS-fs loop3: The filesystem stopped due to the reason: 7. kworker/u8:7: Attempt to access beyond the end of the device. Bug: Unable...

Linux Distros Unpatched Vulnerability : CVE-2026-46325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE The current implementation incorrectly handles memory regions MRs with page sizes different fr...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag: Universal Linux LPE Abstract This document e...

CVE-2026-43427

The CVE covers a Linux kernel issue in the usb: class: cdc-wdm read path. Due to compiler optimization or CPU out-of-order execution, desc->length could be updated after a memmove, causing wdm_read() to observe a new length and copy_to_user() from uninitialized memory, violating LKMM data race...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: jfs: fixed an array-index-out-of-bounds issue in diNewExt Syz report UBSAN: array-index-out-of-bounds in fs/jfs/jfsimap.c:2360:2 Index -878706688 is out of range for the type 'struct iagctl128' CPU: 1 PID: 5065 Comm:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: riscv: The issue with the handling of SRSPIE set/clear operations during uprobe has been fixed. In riscv, the process of uprobe involves clearing the SPIE before executing the original instruction, and setting the SPIE after...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: hamradio: Fixed a memory leak in mkissclose. My local syzbot instance encountered a memory leak in mkissopen1. The issue arose from the missing freenetdev call in mkissclose. In mkissopen, netdevice is allocated and then...

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail – a 4‑byte page‑cache write prim...

PT-2026-35872

Name of the Vulnerable Software and Affected Versions xen affected versions not specified Description Security issues were identified and addressed in the xen-4.21.1 04-1.1 package on the GA media of openSUSE Tumbleweed. Recommendations Update to the xen-4.21.1 04-1.1 package...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010787)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010787 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target...

ROS-20260313-73-0041

A vulnerability in the l2capsockresumecb function of the Bluetooth component of the Linux operating system kernel is related to post-release usage errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005711)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005711 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sitbitmapsize w/ below testcase, resize will generate a corrupted...

kernel: Bluetooth: hci_event: call disconnect callback before deleting conn

A flaw was found in the Linux kernel in which a callback is not called when a Bluetooth peripheral is disconnected. This flaw leads to a use-after-free, which an attacker could use to escalate their privileges, corrupt system memory, or otherwise cause a denial of service...

CVE-2026-23010 ipv6: Fix use-after-free in inet6_addr_del().

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6addrdel. syzbot reported use-after-free of inet6ifaddr in inet6addrdel. 0 The cited commit accidentally moved ipv6deladdr for mngtmpaddr before reading its ifp-flags for temporary addresses in...

CVE-2026-22976

CVE-2026-22976 affects the Linux kernel’s net/sched sch_qfq, where two qfq_class objects can reference the same leaf_qdisc. In certain teardown paths (e.g., when a qdisc is pending destruction via tc_new_tfilter and another qdisc is root-attached), a shared leaf_qdisc may have q.qlen > 0 while...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001396 advisory. ext4emptydir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because ext4readdirblockinode,0,DIRENTHTREE can be zero. Tenable...