CVE-2026-45895

CVE-2026-45895 affects the Linux kernel quota subsystem: quotactl_block() can livelock with freeze_super() when a filesystem is frozen on non-preemptible kernels, causing freezer hang and 100% CPU. Root cause: a retry loop in quotactl_block() spinning without scheduling points prevents RCU quiesc...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in DMA synchronization direction in the crypto Atmel-TDES module. This vulnerability may...

PT-2026-43854

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description In the KVM nSVM component, the nested sync control from vmcb02 function fails to synchronize the int state field, specifically bit 0 SVM INTERRUPT SHADOW MASK, from vmcb02 to the cached...

PT-2026-43912

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the md/md-llbitmap component where the system fails to check the In sync flag when reading bitmap pages from member disks. The code iterates through all rdevs and read...

CVE-2026-46077

crypto: atmel-tdes - fix DMA sync direction...

Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2026-1748)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1748 advisory. Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from processCommandAndResetClient when re-executing ...

CVE-2026-45933

bpf: Preserve id of register in synclinkedregs...

CVE-2026-23631

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item

Impact A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::putchunk allows any state-sync peer to crash any node performing state synchronization freshly joining nodes and recovering nodes. A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...

GHSA-MW3Q-R9WH-H2FF nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item

Impact A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::putchunk allows any state-sync peer to crash any node performing state synchronization freshly joining nodes and recovering nodes. A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...

Incorrect Synchronization

Overview @sveltejs/kit is a SvelteKit framework and CLI Affected versions of this package are vulnerable to Incorrect Synchronization via the query.batch function. An attacker can access data belonging to other users by exploiting a race condition that causes concurrent requests from different...

PT-2026-42672

Name of the Vulnerable Software and Affected Versions core-rs-albatross affected versions not specified Description A remote, unauthenticated denial-of-service issue exists in the MerkleRadixTrie::put chunk function. A malicious state-sync peer can cause a node to crash by responding to a...

PT-2026-42637

Impact A remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::put chunk allows any state-sync peer to crash any node performing state synchronization freshly joining nodes and recovering nodes. A malicious peer can respond to a RequestChunk with a ResponseChunk::Chunk whose...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed a use-after-free issue for dynamic ftraceops. KASAN reported a use-after-free with ftrace ops 1. It was discovered that perf had registered two ops with the same content, both being dynamic. After unregistering t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PGmtetagged if no tags are cleared or restored. Prior to commit 69e3b846d8a7 “arm64: mte: Sync tags for pages where PTE is untagged”, mtesynctags was only called for ptetagged entries those mapped with...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Use RCU protection in ip6defaultadvmss. ip6defaultadvmss requires RCU protection to ensure that the network structure it reads does not disappear...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Fixed a potential data race in nftexprtypeget. The function nftunregisterexpr can occur concurrently with nftexprtypeget. There is no protection when iterating over the nftablesexpressions list in...

Astra Linux - уязвимость в ntp

In ntp 4.2.8p10, 4.2.8p11, 4.2.8p12, and 4.2.8p13, remote attackers can prevent a broadcast client from synchronizing its clock with a broadcast NTP server through soofed modes 3 and 5. The attacker must either be part of the same broadcast network or control a slave device in that broadcast...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fixed a possible use-after-free in nicstarcleanup The remove path of this module calls deltimer. However, that function does not wait until the timer handler is finished. This means that the timer handler may still ...