840 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hsr: Remove WARNONCE in hsraddrisself. syzbot reported the warning 0 in hsraddrisself, whose assumption is simply wrong. hsr-selfnode is cleared in...
SUSE CVE-2026-53174
In the Linux kernel, the following vulnerability has been resolved: ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache pointer and can be returned as a bogus non-zero error. The syzbot...
SUSE CVE-2026-53243
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...
Linux Distros Unpatched Vulnerability : CVE-2026-52992
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/adfs: validate nzones in adfsvalidatebblk Reject ADFS disc records with a zero zone count during boot block validation, before the disc record is used. When...
Linux Distros Unpatched Vulnerability : CVE-2026-53012
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all group...
CVE-2026-52992
CVE-2026-52992 concerns the Linux kernel ADfS boot-block validation. The vulnerability arises in fs/adfs when nzones is 0: adfs_read_map() passes 0 to kmalloc_array, returning ZERO_SIZE_PTR, and adfs_map_layout() then writes to dm[-1], causing an out-of-bounds write before the allocated buffer. T...
PT-2026-51906
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs when an IPv6 nexthop is replaced with an IPv4 nexthop. This happens because the has v4 flag of all groups containing the nexthop is not updated, as the ...
PT-2026-51886
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write occurs in the ADFS file system when processing a crafted image with a zero zone count. During boot block validation, if the nzones variable is 0, the adfs read map...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use-after-free out of bounds. When we run syzkaller, we encounter an Out of Bounds error. “KASAN: slab-out-of-bounds Read in regcacheflatread.” The issue’s backtrace is as follows: BUG: KASAN:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Wifi: rtlwifi – significantly reduced the attempts to read efuse in case of failures. Syzkaller reported a hung task with ueventshow on the stack trace. That specific issue was addressed by another commit 0. However, even with...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Check the count value of the channel specification to prevent out-of-bounds reads This patch fixes out-of-bounds reads in brcmfconstructchaninfo and brcmfenablebw402g, which occur when the count value of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that generated this warning: msk-pm.localaddrused == 0 WARNING: net/mptcp/pmkernel.c:1071 at...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fixed an out-of-bound read in respreadcap16 The following warning was observed when running syzkaller: 3813.830724 sgwrite: Data size 65466/242 bytes for the SCSI command 0x9e—guessing data size as 65466/242 byte...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: Ensure that snduna is properly initialized upon connection. This issue is strictly related to the commit fb7a0d334894 “mptcp: Ensure that sndnxt is properly initialized upon connection”. It turns out that syzkaller can...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In the bpf and arm64 implementations, the value of prog-jitedlen was cleared along with prog-jited. The syzbot reported an attempt to perform an illegal copytouser operation from the bpfproggetinfobyfd function 1. There has been ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Team: Fix for checking whether the port is enabled in teamqueueoverrideportpriochanged. A syzkaller bug was recently reported with the following trace: listdel corruption; ffff888058bea080-prev is LISTPOISON2 dead000000000122...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ext4: The block range must be validated before being used in ext4mbclearbb. The block range to be freed is validated in ext4freeblocks, using ext4 inodeblockvalid. This range is then passed to ext4mbclearbb. However, in some case...
Linux Distros Unpatched Vulnerability : CVE-2026-46116
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load ...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In the net subsystem, hsr: rejecting HSR frames if skb cannot hold the tag. Receiving an HSR frame with insufficient space to hold the HSR tag in the skb can result in a crash kernel bug. 45.390915 skbuff: skbunderpanic:...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: In the bpf code, the splat operation in skbpullreason can cause an issue. The syzkaller build with CONFIGDEBUGNET=y frequently triggers a debug hint in skbmaypull. We would like to keep this debug check because it might indicate...