CVE-2026-46319

The CVE concerns the Linux kernel net/sched act_ct flow table lookup. In tcf_ct_flow_table_get(), the code uses rhashtable_lookup_fast() inside an RCU read section, but returns after rcu_read_unlock(), creating a narrow race window where the ct_ft object can be freed before refcount_inc_not_zero(...

EUVD-2026-32751

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: only purge non-released claims When batadvblapurgeclaims goes through the list of claims, it is only traversing the hash list with an rcureadlock. Due to a potential parallel batadvclaimput, it can happen that it...

CVE-2026-46015 tcp: call sk_data_ready() after listener migration

In the Linux kernel, the following vulnerability has been resolved: tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same SOREUSEPORT group, the target listener gets a new accept-queue entry...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - BPF: The rcureadlockTraceheld function in bpfmaplookuppercpuelem needs to be checked. The bpfmaplookuppercpuelem helper function is also available for sleepable BPF programs. When BPF JIT is disabled or on a 32-bit host,...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RCU: Protect access to rcuprinttaskexpstall - exptasks For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL pointer dereferencing: c CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hsr: It is necessary to hold the rcu lock and dev lock during the execution of hsrgetportndev. The hsrgetportndev function calls hsrforeachport, which requires holding the rcu lock. On the other hand, before returning the port...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: prevented UAF in ip6sendskb syzbot reported a UAF in ip6sendskb 1 After ip6localout has returned, we no longer can safely dereference rt, unless we hold rcureadlock. A similar issue has been fixed in commit a688caa34beb...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: It is now possible to use hdev-workqueue when scheduling hdev-cmd,ncmdtimer works. The syzbot is reporting an attempt to schedule the hdev-cmdwork task from systemwq to hdev-workqueue WQ, which is currently in a draini...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005430)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005430 advisory. In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine...

CVE-2022-50833

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: use hdev-workqueue when queuing hdev-cmd,ncmdtimer works syzbot is reporting attempt to schedule hdev-cmdwork work from systemwq WQ into hdev-workqueue WQ which is under draining operation 1, for commit c8efcc2589464ac...

EUVD-2024-53778

Malicious code in bioql PyPI...

EUVD-2023-59853

Malicious code in bioql PyPI...

CVE-2025-39872

Summary (CVE-2025-39872) : The vulnerability affects the Linux kernel’s hsr code path. The bug arises in hsr_get_port_ndev, where hsr_for_each_port requires an RCU lock while the caller later needs a valid device reference, creating a UaF risk. Documents from Red Hat, Debian, and OSS/OSV portals ...

CVE-2023-53419

In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the following scenario can result in a NULL-pointer dereference: CPU1 CPU2 rcupreemptdeferredqsirqrestore rcuprinttaskexpstall if...

CVE-2023-53231 erofs: Fix detection of atomic context

In the Linux kernel, the following vulnerability has been resolved: erofs: Fix detection of atomic context Current check for atomic context is not sufficient as zerofsdecompressqueueendio can be called under rcu lock from blkmqflushpluglist. See the stacktrace 1 In such case we should hand off th...

PT-2025-39129

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to resource handling within the hsr subsystem. Specifically, the hsr get port ndev function does not properly manage locks, potentially leading ...

OESA-2025-1729 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:genirq/irqdesc: Prevent use-after-free in irqfindatorafterirqfindatorafter dereferences the interrupt descriptor which isreturned by mtfind while neither holding...

AZL-64395 CVE-2025-38087 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in tapriodevnotifier Since taprio’s tapriodevnotifier isn’t protected by an RCU read-side critical section, a race with advancesched can lead to a use-after-free. Adding rcureadlock inside...

CVE-2025-38028 NFS/localio: Fix a race in nfs_local_open_fh()

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: Fix a race in nfslocalopenfh Once the clp-cluuid.lock has been dropped, another CPU could come in and free the struct nfsdfile that was just added. To prevent that from happening, take the RCU read lock before droppi...

CVE-2025-21889

In the Linux kernel, the following vulnerability has been resolved: perf/core: Add RCU read lock protection to perfiteratectx The perfiteratectx function performs RCU list traversal but currently lacks RCU read lock protection. This causes lockdep warnings when running perf probe with unshare1...