Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nfsd: Check that the server is running in unlockfilesystem. If we try to unlock the filesystem via an administrative interface, and nfsd is not running, it will cause the server to crash. This occurs currently because the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: hv: Fixed a crash in hvpcirestoremsimsg during hibernation. When a Linux virtual machine with a assigned PCI device runs on Hyper-V, if the PCI device driver is not yet loaded i.e., MSI-X/MSI is not enabled on the device,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Correctly handling the kvmarminit failure in finalizepkvm Currently, there is no synchronization between the finalizepkvm and kvmarminit initcalls. finalizepkvm continues to execute even if kvmarminit fails, resulting...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: The BUG function call has been removed after failing to insert a delayed directory index entry. Instead of calling BUG when we fail to insert a delayed directory index entry into the delayed node’s tree, we can simply...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix for the condition effect bit clearing issue As reported by MPDarkGuy on Discord, NULL pointer dereferences occurred because not all conditional effect bits were cleared. Properly clear all conditional effect bits...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Signal: Allocate SSVE storage when restoring ZA The code used to restore a ZA context does not attempt to allocate the task’s svestate before setting TIFSME. As a result, restoring a ZA context may place the task in...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

The nfqnlmangle function in net/netfilter/nfnetlinkqueue.c in the Linux kernel, as of version 5.18.14, allows remote attackers to cause a denial of service panic. This occurs because, in the case of an nfqueue verdict with a one-byte nftapayload attribute, an skbpull operation may encounter a...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fixed a stack overflow issue in line6miditransmit. The issue was addressed by correctly calculating the available space, including the size of the buffer. This correction prevents a buffer overflow when multiple MIDI...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: The calctarget function should set t-paused, rather than simply clearing it. Currently, calctarget clears t-paused if the request should no longer be paused. However, it never sets t-paused, even though it can determine...

linux-copy-fail-exploit

CVE-2026-31431 Copy Fail - LPE Exploit PoC !Pythonhttps:...

Linux Distros Unpatched Vulnerability : CVE-2026-43007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host over th...

copyfail

Copy Fail TL;DR $ curl https://git.dc09.xyz/DarkCat09/...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431: Zero-Reboot Remediation for OpenShift 4 via BP...

CVE-2026-43007

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAICTRANSDEACTIVATEFROMDEV transaction to the host over the QAICCONTROL MHI channel. QAIC handles this by calling...

CVE-2026-43036

In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...

CVE-2026-43031

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...

UBUNTU-CVE-2026-31742

In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enteraltscreen saves vcunilines into vcsavedunilines and sets vcunilines to NULL, a subsequent console resize via vcdoresize skips reallocating the unicode...

UBUNTU-CVE-2026-31753

In the Linux kernel, the following vulnerability has been resolved: auxdisplay: line-display: fix NULL dereference in linedisprelease linedisprelease currently retrieves the enclosing struct linedisp via tolinedisp. That lookup depends on the attachment list, but the attachment may already have...

CVE-2026-43042

The CVE-2026-43042 issue affects the Linux kernel MPLS code. It describes a race condition where concurrent operations on platform label data can yield an inconsistent view during a resize of the platform_label tables, particularly in the RCU-protected paths mpls_forward and mpls_dump_routes unde...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the bridge brndsend function not validating the ND option length, which could result in the parser...