Astra Linux – Vulnerability in WebKit2GTK

A memory corruption vulnerability has been addressed through improved locking mechanisms. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15, and iPadOS 15. Processing maliciously crafted web content may lead to code execution...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: A memory leak was fixed when removing provided buffers. When removing provided buffers, the iobuffer structures were not being disposed of properly, resulting in a memory leak. These structures cannot be freed...

Astra Linux - уязвимость в mariadb-10.3

MariaDB Server before version 10.7 is vulnerable to Denial of Service attacks. In the file extra/mariabackup/dsxbstream.cc, when an error occurs e.g., streamctxt-destfile == NULL while executing the xbstreamopen method, the held lock is not released properly. This allows local users to trigger a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211: fixed the issue of locking in the ieee80211startap error path. We need to hold the local-mtx to release the channel context; this is even encoded in the lockdepassertheld function. Fix this issue...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fixed the race condition involving the deleteendpoint function and the unregistration of parent ports. The CXL subsystem establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the xarray locking mechanism in nfsnetfsissueread for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts during the iteration of pages in the xarray to perform NFS reads. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Thermal/debugfs: Fixed two locking issues related to the thermal zone debug. With the current locking mechanism for thermal zones in the debugfs code, user space can open the “mitigations” file for a thermal zone before the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: The code correctly moves the list within scdisable. Commit 13bac861952a “IB/hfi1: Fix the abba locking issue with scdisable”. However, the code incorrectly attempts to move a list from one list head to another. This...

Astra Linux - уязвимость в linux-5.10

A race condition was detected in the Linux kernel’s RxRPC network protocol, during the processing of RxRPC bundles. This issue arises due to the lack of proper locking when performing operations on an object. This could allow an attacker to escalate privileges and execute arbitrary code within th...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In multiple functions of iouring.c, there is a possibility of kernel memory corruption due to improper locking. This could lead to a local escalation of privileges in the kernel, as execution privileges are required. User interaction is not necessary for exploiting this vulnerability...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: mcast: fixed a data race in ipv6mcdown / mldifcwork. idev-mcifccount can be written to 0xffff88813a80c832, which is 1 byte, by task 3771 on CPU 0: mldifcstopwork in net/ipv6/mcast.c:1080 inline ipv6mcdown+0x10a/0x280 in...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: dma: xilinxdpdma: Fixing locking issues There are several places where either chan-lock or chan-vchan.lock was not held. Appropriate locking measures were added. This fixes lockdep warnings such as: 31.077578 ------------ Cut...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed the locking usage for tcon fields. Previously, we used cifstcpseslock to protect many objects that weren’t just server, ses, or tcon lists. Later, we introduced srvlock, seslock, and tclock to protect fields within th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ntfs3: fixed a circular locking dependency in rununpackex. Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The deadlock scenario is as follows: 1. ntfsextendmft acquires...

Astra Linux - уязвимость в linux-5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2SESSIONSETUP commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: The release path is checked before inode lookup during the ino lookup ioctl operation. During the ino lookup ioctl operation, we may call btrfsiget to obtain an inode reference while we are holding onto the root’s btree...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: nvmet-tcp: fixed incorrect locking in the statechange sk callback We are not changing anything in the TCP connection state, so we should not use a writelock but rather a read lock. This caused a deadlock when running nvmet-tcp...

Astra Linux - уязвимость в linux, linux-5.10

In ipcheckmcrcu of igmp.c, there is a potential use after free due to improper locking. This could lead to a local escalation of privileges when opening and closing inet sockets, without the need for additional execution privileges. User interaction is not required for exploitation. Product:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A denial-of-service issue was detected, possibly due to a recursive locking scenario, which led to a deadlock in the tableclear function in drivers/md/dm-ioctl.c within the Linux Kernel Device Mapper-Multipathing sub-component...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021597)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021597 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd...