Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A heap out-of-bounds write vulnerability in the Linux Kernel Performance Events perf component of the Linux kernel can be exploited to achieve local privilege escalation. If the perfreadgroup function is called when the siblinglist of an event is smaller than that of its child, it may increment o...

CVE-2026-47329

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses...

PT-2026-44478

Name of the Vulnerable Software and Affected Versions Ubuntu Linux version 6.8 Ubuntu Linux version 6.17 Ubuntu Linux version 7.0 Description SAUCE patches fail to validate invalid sizes of the name field in AppAmor notification responses. This issue can be triggered by an unprivileged local user...

PT-2026-44482

Name of the Vulnerable Software and Affected Versions Ubuntu Linux version 6.8 Ubuntu Linux version 6.17 Ubuntu Linux version 7.0 Description AppArmor SAUCE patches contain a flaw that can lead to an incorrect computation of an internal buffer size. This results in a heap memory out-of-bounds...

Stable Channel Update for Desktop

The Stable channel has been updated to 148.0.7778.216/217 for Windows and 148.0.7778.215/216 Mac and 148.0.7778.215 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: removed one synchronizenet call from ipv6mcdown. As discussed in previous discussions commit 2d3916f31891 “ipv6: fix skb drops in igmp6eventquery and igmp6eventreport”, the synchronizenet call in ipv6mcdown is not...

Astra Linux - уязвимость в linux, linux-5.10

The function emsusbstartxmit in the file drivers/net/can/usb/emsusb.c within the Linux kernel, up to version 5.17.1, contains a double-free...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking implemented, some issues may still go unnoticed. Depending on the hardware model, URBs can have either bulk or interrupt types, and the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between freeswapandcache and swapoff There was previously a theoretical scenario where swapoff could execute and tear down the swapinfostruct while a call to freeswapandcache was running in another thread. This...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gnupg2 (UTSA-2026-006148)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006148 advisory. In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: transfig (UTSA-2026-005916)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005916 advisory. A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezierspline function. Tenable has extracted the precedi...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000963)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000963 advisory. The scmcheckcreds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000664 advisory. The regulatorenagpiofree function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000561 advisory. The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local use...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002048 advisory. The skbflowdissect function in net/core/flowdissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service infinite loop via a sma...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002245)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002245 advisory. Buffer overflow in the ozcdevwrite function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or...

MiracleLinux 3 : kernel-2.6.18-53.22AXS3 (AXSA:2009-42:04)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-42:04 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Fixed bugs: CVE-2008-3528 The error-reporting functionality in 1...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5651 – Fixed invalid quirk input mapping. When an invalid value is passed via the quirk option, the bytcrrt5640 driver currently simply ignores it and leaves it unchanged. This may lead to unexpected results,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993001)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993001 advisory. In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix usecount leakage when handling boot-on I found a usecount leakage towards...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992907)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992907 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: Fix possible refcount leak in ifusbprobe usbgetdev will be called before...