1044 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: rcu: Dump vmalloc memory info safely Currently, for double invoke callrcu, the memory information of rcuhead objects will be dumped. If these objects are not allocated from the slab allocator, vmallocdumpobj will be invoked, a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: block: RCU protection for disk-convzonesbitmap It is ensured that revalidating a disk by changing the conventional zones bitmap does not cause invalid memory references when using the diskzoneisconv helper function, with RCU...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, there is a fix for a use-after-free of sk-sksocket in skpsockverdictdataready. The syzbot reported a use-after-free of the sk-sksocket of an AFUNIX socket in skpsockverdictdataready. 0 In the unixstreamsendmsg...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a lockdep issue in in6dumpaddrs According to reports from syzbot, we should not use rcudereference when rcureadlock is not held. WARNING: suspicious RCU usage 5.19.0-rc2-syzkaller 0 Not tainted net/ipv6/addrconf.c:517...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: CFI: Fixed the use of cfislowpathdiag with cpuidle. The use of RCUNONIDLE during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path. WARNING: CPU: 1, PID: 0, at kernel/rcu/tree.c:613, rcueqsenter+0xe4/0x1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemapgetreadbatch. If a read race occurs with an invalidation followed by another read, it is possible for a folio to be replaced with a higher-order folio. If this happens, we will see a...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdkfd: Fixed the lock dependency warning with srcu ====================================================== WARNING: A circular locking dependency was detected. 6.5.0-kfd-yangp 2289 Not tainted...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: added an missing RCU unlock in the error path in tryreleasesubpageextentbuffer. Call rcureadlock before exiting the loop in tryreleasesubpageextentbuffer, because there is a rcureadunlock call after the loop. This issue wa...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Deferring the release of the inner map when necessary When updating or deleting an inner map in the map array or map htab, the map may still be accessed by non-sleepable programs or sleepable programs. However, when the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The use-of-free condition was fixed by using callrcu for oplockinfo. Currently, ksmbd immediately frees oplockinfo using kfree, even though it is accessed during critical sections of the RCU read-side, such as in functions...
PT-2026-50928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel BPF reuseport program handling. When a UDP reuseport group uses a cBPF program and that program is replaced or detached via the setsocko...
kernel: netfilter: nf_tables: release flowtable after rcu grace period on error
A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...
kernel: macvlan: fix possible UAF in macvlan_forward_source()
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...
kernel: net: use dst_dev_rcu() in sk_setup_caps()
In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...
kernel: net: use dst_dev_rcu() in sk_setup_caps()
In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...
kernel: netfilter: nf_tables: release flowtable after rcu grace period on error
A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...
kernel: netfilter: nf_tables: release flowtable after rcu grace period on error
A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...
RLSA-2026:25217 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...
kernel: macvlan: fix possible UAF in macvlan_forward_source()
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...