1049 matches found
CVE-2026-52910
In the Linux kernel, the following vulnerability has been resolved: bpf: Free reuseport cBPF prog after RCU grace period. Eulgyu Kim reported the splat below with a repro. 0 The repro sets up a UDP reuseport group with a cBPF prog and replaces it with a new one while another thread is sending a U...
EUVD-2026-38034
In the Linux kernel, the following vulnerability has been resolved: bpf: Free reuseport cBPF prog after RCU grace period. Eulgyu Kim reported the splat below with a repro. 0 The repro sets up a UDP reuseport group with a cBPF prog and replaces it with a new one while another thread is sending a U...
CVE-2026-52910 bpf: Free reuseport cBPF prog after RCU grace period.
In the Linux kernel, the following vulnerability has been resolved: bpf: Free reuseport cBPF prog after RCU grace period. Eulgyu Kim reported the splat below with a repro. 0 The repro sets up a UDP reuseport group with a cBPF prog and replaces it with a new one while another thread is sending a U...
CVE-2026-52910
The CVE-2026-52910 issue is in the Linux kernel where a cBPF reuseport program may be freed immediately when detached from a reuseport group, without waiting for an RCU grace period. This can lead to a use-after-free and potential memory corruption when a concurrent UDP send crosses the fast path...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: RCU protection for disk-convzonesbitmap It is ensured that revalidating a disk by changing the conventional zones bitmap does not cause invalid memory references when using the diskzoneisconv helper function, with RCU...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw88: use a work to update the rate to avoid RCU warnings. The ieee80211ops::starcupdate function must be atomic, because ieee80211chanbwchange holds a rcuread lock while calling drvstarcupdate. Therefore, a work must b...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk = somelookupfunc bpfskassignskb, sk bpfskreleasesk That is, the sk is not consumed by bpfskassign. Therefore, the function must ensure...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Deferring the release of the inner map when necessary When updating or deleting an inner map in the map array or map htab, the map may still be accessed by non-sleepable programs or sleepable programs. However, when the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Fixed a potential data race in nftexprtypeget. The function nftunregisterexpr can occur concurrently with nftexprtypeget. There is no protection when iterating over the nftablesexpressions list in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: raw: Fixed NULL dereference in rawgetnext. Dae R. Jeong reported a NULL dereference in rawgetnext. It seems that the reproduction test was running these sequences in parallel, so one thread was iterating over a socket that was...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: fixed the race condition in dstnegativeadvice The dstnegativeadvice function does not enforce proper RCU rules when sk-dstcache must be cleared, leading to a potential Use-After-Free error UAF. RCU rules state that we must...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: CFI: Fixed the use of cfislowpathdiag with cpuidle. The use of RCUNONIDLE during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path. WARNING: CPU: 1, PID: 0, at kernel/rcu/tree.c:613, rcueqsenter+0xe4/0x1...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fixed the cleanup flow for mlx5eprivinit. When mlx5eprivinit fails, the cleanup flow calls mlx5eselqcleanup, which in turn calls mlx5eselqapply. This ensures that priv-statelock is held using lockdepisheld. The statelo...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nvme-multipath: fixed the suspicious RCU usage warning When I run the NVME over TCP test in virtme-ng, I receive the following “suspicious RCU usage” warning in nvmempathaddsysfslink: ''' 5.024557 T44 nvmet: Created nvm...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: The garbage collection process is split into two phases—unlink and reclaim. Yiming Qian reported a use-after-free issue in the pipapo set type: Under a large number of expired elements, commit-time garbag...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The packet transmission path of the sit driver calls sittunnelxmit - updateorcreatefnhe. This leads to fnheremoveoldest being called to delete entries that exceed...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, there is a fix for a use-after-free of sk-sksocket in skpsockverdictdataready. The syzbot reported a use-after-free of the sk-sksocket of an AFUNIX socket in skpsockverdictdataready. 0 In the unixstreamsendmsg...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: added an missing RCU unlock in the error path in tryreleasesubpageextentbuffer. Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer, because there is a rcureadunlock call after the loop. This issue wa...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed a deadlock in the tc route query code The cited commit caused a ABBA deadlock0 when peer flows were created while holding the devcom rw semaphore. Due to the peer flow offload implementation, the lock is taken...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The use-of-free condition was fixed by using callrcu for oplockinfo. Currently, ksmbd immediately frees oplockinfo using kfree, even though it is accessed during critical sections of the RCU read-side, such as in functions...