Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: Rejects zero-length fixed buffer imports The validatefixedrange function allows for the use of bufaddr at the exact end of the registered region when len is zero. This occurs because the check uses a strict...

PT-2026-44289

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab-use-after-free error exists in the mac80211 wireless subsystem. The issue occurs during radar detect work when the ieee80211 dfs cac cancel function is called, which can cause the...

SUSE CVE-2026-43285

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

CVE-2026-43285

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

PT-2026-39063

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the kthread component. When a kthread exits via make task dead, it bypasses kthread exit, causing the affinity node cleanup to be missed. Consequently,...

CVE-2026-43006

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the check uses strict greater-than bufend imu-ubuf + imu-len. ioimportfixe...

CVE-2026-43006

CVE-2026-43006 (Linux kernel io_uring rsr/rsrc): A zero-length fixed-buffer import in io_import_fixed() could trigger a slab-out-of-bounds read due to a boundary check that allows len == 0 to be processed. The underlying issue is in validate_fixed_range(), which permits buf_addr at the end of the...

CVE-2026-31669

The CVE-2026-31669 entry pertains to the Linux kernel MPTCP code. A use-after-free could occur in IPv6 subflow sockets due to premature copying of tcpv6_prot into tcpv6_prot_override during early init, before proto_register(&tcpv6_prot) and its SLAB_TYPESAFE_BY_RCU cache is established. Consequen...

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ibregisterdevice" problem Call Trace: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x116/0x1f0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:408 inline...

CVE-2026-23086 vsock/virtio: cap TX credit to local buffer size

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's SOVMSOCKETSBUFFERSIZE value. On the host side this means that the...

Linux Distros Unpatched Vulnerability : CVE-2026-23086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peerbufalloc, which is set from the remote endpoint's...

CVE-2023-53790

In the Linux kernel, the following vulnerability has been resolved: bpf: Zeroing allocated object from slab in bpf memory allocator Currently the freed element in bpf memory allocator may be immediately reused, for htab map the reuse will reinitialize special fields in map value e.g., bpfspinlock...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sccache (SUSE-SU-2025:3944-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:3944-1 advisory. - CVE-2025-55159 - updated slab with the uninit memory access fix bsc1248003 Tenable has extracted the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989580)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989580 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series Use objcgroup APIs t...

CVE-2025-40082 hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc BUG: KASAN: slab-out-of-bounds in hfsplusuni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 by task syz.6.248/14290 CPU: 0 UID: 0 PID: 14290...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414531)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414531 advisory. The decodedata function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the...

SUSE CVE-2023-53521

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in sesintfremove A fix for: BUG: KASAN: slab-out-of-bounds in sesintfremove+0x23f/0x270 ses Read of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013 When edev-components is zero, accessing...

EUVD-2025-13032

Malicious code in bioql PyPI...

EUVD-2025-25563

Malicious code in bioql PyPI...