EUVD-2026-38952

In the Linux kernel, the following vulnerability has been resolved: bpf: return VMA snapshot from taskvma iterator Holding the per-VMA lock across the BPF program body creates a lock ordering problem when helpers acquire locks that depend on mmaplock: vmlock - irwsem - mmaplock - vmlock Snapshot...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed the issue where the mmap write lock was not released. If the mmap write lock is acquired while draining a retry fault, the mmap write lock is not released because svmrangerestorepages calls mmapreadunlock before...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/MADVCOLLAPSE: handling !none !huge !bad pmd lookups In commit 34488399fa08 “mm/madvise: adding file and shmem support to MADVCOLLAPSE”, we made the following change to findpmdorthpornone: – if !pmdpresentpmde return...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fixed a race condition involving VMA iteration and mmstruct teardown. The exitmmap function will tear down the VMAs and the maple tree, provided that the mmaplock is held in write mode. Ensure that the maple tree remains...

Linux Distros Unpatched Vulnerability : CVE-2026-46063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack...

CVE-2026-46063

A flaw was found in the Linux kernel. A deadlock can occur during the shadow stack signal return shstk sigreturn process on x86 systems. This happens when the kernel attempts to read the shadow stack signal frame, and a page fault occurs, leading to a recursive attempt to acquire an mmap read loc...

UBUNTU-CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

CVE-2026-46063 x86/shstk: Prevent deadlock during shstk sigreturn

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

PT-2026-43930

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur during the shadow stack signal frame pop process in the sigreturn operation. The kernel attempts to verify that it is reading actual shadow stack memory by holding t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86: Shadow stacks – proper error handling for mmap lock Kim Young-min reported that shstkpopsigframe does not check for errors from mmapreadlockkillable. This is a silly oversight. It was also shown that we have not marked...

CVE-2026-43109 x86: shadow stacks: proper error handling for mmap lock

In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstkpopsigframe doesn't check for errors from mmapreadlockkillable, which is a silly oversight, and also shows that we haven't marked those functions with...

CVE-2026-43109

In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstkpopsigframe doesn't check for errors from mmapreadlockkillable, which is a silly oversight, and also shows that we haven't marked those functions with...

CVE-2026-43109

The CVE-2026-43109 issue concerns Linux kernel x86 shadow stacks where shstk_pop_sigframe() did not check errors from mmap_read_lock_killable(), and related __must_check annotations were missing. The connected OSV entries confirm patches in rootio-linux for Ubuntu/Debian releases (e.g., Ubuntu 22...

PT-2026-37419

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the x86 shadow stacks implementation where the shstk pop sigframe function fails to check for errors returned by mmap read lock killable. This occurs because the...

Linux Distros Unpatched Vulnerability : CVE-2026-43109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86: shadow stacks: proper error handling for mmap lock reports that shstkpopsigframe doesn't check for errors from mmapreadlockkillable, which is a silly...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: procfs: Avoid fetching the build ID while holding the VMA lock. Fix the PROCMAPQUERY to fetch the optional build ID only after releasing the mmaplock or the per-VMA lock, whichever was used to lock the VMA, to prevent deadlock...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Binder: Fix for use-after-free in shinker’s callback The mmap read lock is used during shinker’s callback, which means that using the alloc-vma pointer is not safe, as it could lead to a race condition with munmap. As of commit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: Binder: Fixed the issue where dereferencing the null-ptr variable occurred unexpectedly. Syzbot reported several issues introduced by commit 44e602b4e52f „binderalloc: added missing mmaplock calls when using VMA”. In these...

SUSE CVE-2026-31597

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2fault when VMFAULTRETRY filemapfault may drop the mmaplock before returning VMFAULTRETRY, as documented in mm/filemap.c: "If our return value has VMFAULTRETRY set, it's because the mmaplock may b...