CVE-2026-46171

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for RISC-V architecture. This vulnerability occurs when a second memory allocation fails during the vector context setup, causing a previously allocated memory block to be leaked. Over time, repeated occurrences of this issue...

PT-2026-44294

In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: fix vector context allocation leak When the second kzalloc host context.vector.datap fails in kvm riscv vcpu alloc vector context, the first allocation guest context.vector.datap is leaked. Free it before returning...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: RISCV: Fix for the “Sparse-Memory/vmemmap out-of-bounds” issue. The offset of vmemmap was adjusted so that the first page of vmemmap is mapped to the first page of physical memory. This ensures that the bounds of vmemmap are...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: A stack overflow issue was fixed when loading vlenb. The user-space load mechanism can place up to 2048 bits into the xlen bit stack buffer. Since we only need the xlen bits, we check the size of the buffer in advanc...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Teardown of risc-specific bits after kvmexit During a module removal, kvmexit invokes an architecture-specific disable call, which disables AIA. However, we invoke aiaexit before kvmexit, resulting in the following...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERFHESSTOPPED flag checking in riscvpmustart Since commit 096b52fd2bb4 “perf: RISC-V: throttle perf events”, the perfsampleeventtook function was added to report time spent in overflow interrupts. If the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM – Writing hgatp registers with valid mode bits According to the RISC-V Privileged Architecture Specification, when MODE=Bare is selected, software must write zero to the remaining fields of hgatp. We have previously...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: riscv: A race condition during vmap stack overflow detection has been fixed. Currently, when detecting vmap stack overflow, riscv first switches to the so-called “shadow stack”, and then uses this shadow stack to call...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv: trace: fix snapshot deadlock with sbi ecall If sbiecall.c's functions are traceable, echo "sbiecall:snapshot" /sys/kernel/tracing/setftracefilter may get the kernel into a deadlock. Functions in sbiecall.c are excluded fro...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work Fix port I/O string accessors such as insb', outsb', etc. which use the physical PCI port I/O address rather than the corresponding memory mapping to get at the requested...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: riscv: kprobe: Fixup kernel panic when probing an illegal position The kernel would panic when probed for an illegal position. eg: CONFIGRISCVISAC=n echo 'p:hello kernelclone+0x16 a0=%a0' kprobeevents echo 1...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: riscv: Sync efi page table's kernel mappings before switching The EFI page table is initially created as a copy of the kernel page table. With VMAPSTACK enabled, kernel stacks are allocated in the vmalloc area: if the stack is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix potential NULL dereference The bpfjitbinaryfree function requires a non-NULL argument. When the RISC-V BPF JIT fails to converge in NRJITITERATIONS steps, jitdata-header will be NULL, which triggers a NULL...

CVE-2026-29649

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011166)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011166 advisory. In the Linux kernel, the following vulnerability has been resolved: RISC-V: Make port I/O string accessors actually work Fix port I/O string accessors such as insb',...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011273)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011273 advisory. In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage threadstruct's s12 may contain random kernel memory...

EUVD-2026-23944

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

CVE-2026-29649

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

PT-2026-33830

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

CVE-2026-29642

A local attacker who can execute privileged CSR operations or can induce firmware to do so performs carefully crafted reads/writes to menvcfg e.g., csrrs in M-mode. On affected XiangShan versions commit aecf601e803bfd2371667a3fb60bfcd83c333027, 2024-11-19, these menvcfg accesses can unexpectedly...