CVE-2026-53260 tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req().

In the Linux kernel, the following vulnerability has been resolved: tcp: Add preemptdisable,enablenested in reqskqueuehashreq. syzbot reported a weird reqsk-rskrefcnt underflow in inetcskreqskqueuedrop. The captured reqskput in inetcskreqskqueuedrop is called only when it successfully removes req...

EUVD-2026-39211

In the Linux kernel, the following vulnerability has been resolved: tcp: Add preemptdisable,enablenested in reqskqueuehashreq. syzbot reported a weird reqsk-rskrefcnt underflow in inetcskreqskqueuedrop. The captured reqskput in inetcskreqskqueuedrop is called only when it successfully removes req...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: resetting dst in the route object after setting up a flow. The dst field is now transferred to the flow object, and the route object no longer owns it. Resetting dst in the route object is necessary;...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Clear ffseventfd in ffsdataclear. ffsdataclear is indirectly called from both ffsfskillsb and ffsep0release, so it ends up being called twice when userland closes ep0 and then unmounts ffs. If userland provided ...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveauboref on a nouveaubo without initializing it and thus the backing ttmbo leads to a refcount underflow. Instead of calling nouveauboref in the unwind path of...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Ice: Avoid bpfprog refcount underflow The Ice driver includes routines for managing XDP resources that are shared between the ndobpf operation and the VSI rebuild flow. The latter occurs, for example, when the user changes the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpt3sas: Fixed the use-after-free warning. Fixed the following use-after-free warnings that were observed during controller reset: refcountt: Underflow; use-after-free. WARNING: CPU: 23; PID: 5399; Location:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Refactored amdgpugemvaioctl to handle last fence updates and timeline management v4. This commit simplifies the amdgpugemvaioctl function by introducing the following key updates: - Moved the logic for managing the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: In tcpconnrequest, do not call reqskfastopenremove. The syzbot reported the following issue in tcpconnrequest: 0 If a listener is closed while a TFO socket is being processed in tcpconnrequest, inetcskreqskqueueadd does not set...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice. PSP is unregistered twice in the following functions: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow under certain conditions:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: nfs: fixed UAF in direct writes In production, we have been encountering the following warnings consistently: ------------ cut here ------------ refcountt: underflow; use-after-free. WARNING: CPU: 17 PID: 1800359 at...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xsk: fixed the refcount underflow in the error path. This fix addresses a refcount underflow issue reported by syzbot, which can occur when the system runs out of memory. If xpalloctxdescs fails—and it can only fail due to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: Fixed an issue where the clientcount variable was incremented twice for public channels when dmachanget was called for a channel. This occurred first in balancerefcount, and again before returning. As a result, the...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: drm/vc4: Do not check if plane-state-fb == state-fb Currently, when using non-blocking commits, the following kernel warnings can be observed: 110.908514 ------------ Cut here ------------ 110.908529 refcountt: Underflow; Use...

dm-thin: fix metadata refcount underflow

...

Linux Distros Unpatched Vulnerability : CVE-2026-45910

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix race condition in QP timer handlers I encontered the following warning: WARNING: drivers/infiniband/sw/rxe/rxetask.c:249 at...

CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

SUSE CVE-2026-45910

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race condition in QP timer handlers I encontered the following warning: WARNING: drivers/infiniband/sw/rxe/rxetask.c:249 at rxeschedtask+0x1c8/0x238 rdmarxe, CPU0: swapper/0/0 ... libsha1 last unloaded: ip6udptunnel...

PT-2026-43777

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the retransmit timer and rxe destroy qp functions in the RDMA/rxe component. This occurs when the Queue Pair QP reference count drops to zero while a time...