Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Avoid holding the freezemutex during the mmap operation. We use the map-freezemutex to prevent race conditions between the mapfreeze function and memory mapping operations with writable permissions. The way we currently hand...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: Added a check for nextbuffer in receiveencryptedstandard. Added a check on the return values of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereferencing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Reading the IOMMU Stream ID from the device tree Nvidia’s Tegra MGBE controllers require the IOMMU “Stream ID” SID to be written to the MGBEWRAPAXIASID0CTRL register. The current driver is hardcoded to u...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: orangefs: fixed an out-of-bounds read in orangefsdebugwrite. I received a report from syzbot regarding an out-of-bounds read in orangefsdebugwrite… Several people suggested solutions. I tested Al Viro’s suggestion and created thi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed an oops error when unloading drivers that are parallel to each other. When unloading the hclge driver, it attempts to disable sriov first for each aedev node from hnae3aedevlist. If the hns3 driver is unloaded at...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netmem: prevents the transmission of unreadable SKBs Service Control Blocks Currently, in stable versions of the kernel, we have support for netmem/devmem RX operations, but not TX operations. It is not safe to forward/redirect a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Media: Venus: HFI parser refactoring of packet parsing logic wordscount represents the total number of words in the payload. data points to the payload of various properties within it. When wordscount reaches the last word, data...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Block: Fix to add folio to bio. A size of 4GB for folio is possible on some ARCHs, such as aarch64. A size of 16GB for hugepage is also supported. However, the “offset” of folio cannot be stored in “unsigned int”, which causes a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: The driver data must be set before it is used. If vmclockptpregister fails during probing, vmclockremove is called to clean up the ptp clock and misc devices. This function uses devgetdrvdata to access the vmclock...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Added mutual exclusion in procsctpdoudpport. We must serialize calls to sctpudpsockstop and sctpudpsockstart, or risk a crash, as syzbot reported: Oops: General protection fault, likely due to a non-canonical address...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed a NULL pointer in canacceptnewsubflow. When testing the valkey benchmark tool with MPTCP, the kernel panics in mptcpcanacceptnewsubflow because subflowreq-msk is NULL. Call trace: mptcpcanacceptnewsubflow...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: w1: fixed NULL pointer dereferencing in the probe. The w1uartprobe function calls w1uartserdevopen which includes devmserdevdeviceopen before setting the client ops via serdevdevicesetclientops. This order can lead to a NULL...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: lockd: set other missing fields when unlocking files vfslockfile expects the struct filelock to be fully initialised by the caller. Re-exported NFSv3 has been seen to Oops if the flfile field is NULL...

SUSE-SU-2026:1676-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix one security issue The following security issue was fixed: - CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algifaead bsc1262573...

CVE-2026-43058

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtvtsnullwriteinto and vidtvtspcrwriteinto take their argument structs by value, causing MSAN to report uninit-value warnings. While only vidtvtsnullwriteinto has...

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CopyFail CVE-2026-31431 Overview CopyFail is a proof...

SUSE CVE-2026-31709

In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl buildsecdesc and idmodetocifsacl derive a DACL pointer from a server-supplied dacloffset and then use the incoming ACL to rebuild the chmod/chown security...

Linux Distros Unpatched Vulnerability : CVE-2026-43017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: MGMT: validate mesh send advertising payload length meshsend currently bounds MGMTOPMESHSEND by total command length, but it never verifies that the...

Linux Distros Unpatched Vulnerability : CVE-2026-31739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: tegra - Add missing CRYPTOALGASYNC The tegra crypto driver failed to set the CRYPTOALGASYNC on its asynchronous algorithms, causing the crypto API to...

Linux Distros Unpatched Vulnerability : CVE-2026-31737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ftgmac100: fix ring allocation unwind on open failure ftgmac100allocrings allocates rxskbs, txskbs, rxdes, txdes, and rxscratch in stages. On intermediate...