SUSE CVE-2026-46304

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmetctrlfree nvmettcpreleasequeuework runs on nvmet-wq and can drop the final controller reference through nvmetcqput. If that triggers nvmetctrlfree, the teardown path flushes...

CVE-2026-46304

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmetctrlfree nvmettcpreleasequeuework runs on nvmet-wq and can drop the final controller reference through nvmetcqput. If that triggers nvmetctrlfree, the teardown path flushes...

CVE-2026-46304 nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmetctrlfree nvmettcpreleasequeuework runs on nvmet-wq and can drop the final controller reference through nvmetcqput. If that triggers nvmetctrlfree, the teardown path flushes...

CVE-2026-46304

The CVE-2026-46304 issue concerns the Linux kernel nvmet subsystem. The problem arises when nvmet_tcp_release_queue_work() runs on the nvmet-wq and can drop the final controller reference via nvmet_cq_put(), potentially triggering nvmet_ctrl_free() and flushing ctrl->async_event_work on the sa...

PT-2026-47375

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the NVMe target controller teardown process where a recursive workqueue flush can occur. Specifically, the nvmet tcp release queue work function runs on the nvmet-wq...

CVE-2026-46252

A flaw was found in the Linux kernel's regulator core. Incorrect handling of locking in the regulatorresolvesupply function's error path can trigger a lockdep warning. This issue may allow for concurrent access problems, potentially leading to system instability or a denial of service DoS conditi...

CVE-2026-46252 regulator: core: fix locking in regulator_resolve_supply() error path

In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix locking in regulatorresolvesupply error path If late enabling of a supply regulator fails in regulatorresolvesupply, the code currently triggers a lockdep warning: WARNING: drivers/regulator/core.c:2649 at...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: mm/khugepaged: fixed → anonvma race If an -anonvma is attached to the VMA, the collapseandfreepmd function requires that it be locked. Page table traversal is allowed under either the mmap lock, the anonvma lock if the VMA is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Added SRCU protection for reading PDPTRs in getsregs2. Added SRCU read-side protection when reading PDPTR registers in getsregs2. Reading PDPTRs may trigger access to guest memory: kvmpdptrread - svmcachereg -...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: moving async event work off nvmet-wq For the target function nvmetctrlfree, the variable ctrl-asynceventwork is flushed. If nvmetctrlfree runs on nvmet-wq, the flush re-enters the workqueue completion for the same worker. ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: kcm: fixed the order of calls to strpinit and cleanup. The strpinit function is called just a few lines above this csk-skuserdata check. It also initializes strp-work, etc. Therefore, there is no need to call strpdone to cance...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix lockdep warning during rmmod The commit under the Fixes tag added a netdevassertlocked in bnxtfreentpfltrs. The lock should be held during normal run-time but the assert will be triggered see below during bnxtremoveon...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fixed a race condition involving VMA iteration and mmstruct teardown. The exitmmap function will tear down the VMAs and the maple tree, provided that the mmaplock is held in write mode. Ensure that the maple tree remains...

SUSE CVE-2026-43285

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

SUSE CVE-2026-43227

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/shtmu: Always leave device running after probe The TMU device can be used as both a clocksource and a clockevent provider. The driver tries to be smart and power itself on and off, as well as enabling and...

UBUNTU-CVE-2026-43285

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

PT-2026-38927

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the slab memory allocator where the get from any partial function accesses current-mems allowed seq during an NMI Non-Maskable Interrupt context. Because current-mems...

Linux Distros Unpatched Vulnerability : CVE-2026-43214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Add SRCU protection for reading PDPTRs in getsregs2 Add SRCU read-side protection when reading PDPTR registers in getsregs2. Reading PDPTRs may trigge...

CVE-2026-43227

CVE-2026-43227 affects the Linux kernel’s clocksource/sh_tmu driver. The vulnerability arises when the TMU is used as both clocksource and clockevent provider and the driver tries to power/clocks state via pm_runtime_() and clk_ () while holding raw spinlocks. This mismatch between spinlock conte...

CVE-2026-43227

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/shtmu: Always leave device running after probe The TMU device can be used as both a clocksource and a clockevent provider. The driver tries to be smart and power itself on and off, as well as enabling and...