Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fixed null-ptr-deref in r5lFlushStripeToRaid The r5lFlushStripeToRaid function will check whether the list ‘flushingios’ is empty. It will then submit ‘flushbio’. However, r5llogFlushEndio clears the list first, a...

CLSA-2026-1779202006 Fix CVE(s): CVE-2026-43284, CVE-2026-46300, CVE-2026-46333

Ubuntu: 4.15.0-256.267 CVE-2026-46333 - ptrace: require CAPSYSPTRACE when task has no mm CVE-2026-46333 CVE-2026-46300 - net: skbuff: propagate shared-frag marker through copy/coalesce/gro/shift paths CVE-2026-46300 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags...

Linux Distros Unpatched Vulnerability : CVE-2026-43486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64: contpte: fix setaccessflags no-op check for SMMU/ATS faults contpteptepsetaccessflags compared the gathered ptepget value against the requested entry to...

SUSE CVE-2026-43285

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

EUVD-2026-28683

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

CVE-2026-43371

In the Linux kernel, the following vulnerability has been resolved: net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on an AMD ZynqMp board, the rootfs may take an extended time to recover after a suspend. Upon investigation, it was determined that...

CVE-2026-43310

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...

CVE-2026-43311

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: pmc: Fix unsafe generichandleirq call Currently, when resuming from system suspend on Tegra platforms, the following warning is observed: WARNING: CPU: 0 PID: 14459 at kernel/irq/irqdesc.c:666 Call trace:...

CVE-2026-43320

The CVE-2026-43320 entry concerns the Linux kernel’s drm/amd/display component. The root cause described across sources is a missing function hook check before use, which could affect dsc eDP handling. Public descriptions indicate a potential for instability or unexpected behavior in the display ...

CVE-2026-43305

CVE-2026-43305 details a Linux kernel DRM AMD display issue where the DMUB HW lock unlock path in the HWSS fast path could hang due to a mismatch between evaluating the need for the lock and unlocking. The fix introduces a flag to track whether the lock should be used and applies that flag to gov...

PT-2026-38981

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwi...

EUVD-2026-27792

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

EUVD-2026-27768

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: validate numifs to prevent out-of-bounds write The driver obtains swattr.numifs from firmware via dpswgetattributes but never validates it against DPSWMAXIF 64. This value controls iteration in...

EUVD-2026-27760

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ARM processor Error: don't go past allocated memory If the BIOS generates a very small ARM Processor Error, or an incomplete one, the current logic will fail to deferrence err-sectionlength and ctxinfo-size Add checks ...

EUVD-2026-27730

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't dump the entire memory region The current logic at cperprintfwerr doesn't check if the error record length is big enough to handle offset. On a bad firmware, if the ofset is above the actual record, length -= offs...

CVE-2026-43193 nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg()

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4file refcount leak in nfsdgetdirdeleg Claude pointed out that there is a nfs4file refcount leak in nfsdgetdirdeleg. Ensure that the reference to "fp" is released before returning...

PT-2026-37560

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the AMD IOMMU driver where concurrent Translation Lookaside Buffer TLB invalidations can cause completion waits to time out randomly. This occurs because the cmd sem v...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fixed the kernel panic by avoiding access to unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been completely removed since the commit 16d98b548365 “mt76: mt7921:...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: libertas – Fixed a possible reference count leak in ifusbprobe. usbgetdev will be called before lbsgetfirmwareasync, which means that usbputdev needs to be called when lbsgetfirmwareasync fails...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: dell-smbios-wmi: Fixed an oop in rmmod dellsmbios. The initdellsmbioswmi function only registers the dellsmbioswmidriver on systems where the Dell WMI interface is supported. While the exitdellsmbioswmi function...