Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fixed a use-after-free bug in brcmfcfg80211detach. This is the candidate patch for CVE-2023-47233: https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In the brcm80211 driver, the process starts with the following...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fixed a race condition in sndseqtimeropen. The timer instance per queue is exclusive, and sndseqtimeropen should handle concurrent accesses properly. It seems that the function checks for an already existing timer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: Fixed a panic that occurs when timertype has a garbage value. Currently, when a rule related to IDLETIMER is added, the idletimertg timer structure is initialized using kmalloc during the execution of the...

Astra Linux - уязвимость в linux-5.15, linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: mmc: vub300: Fix the return value check in mmcaddhost. The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the remov...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers CVE-2025-39764 In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit CVE-2025-40135 In the Linux kernel, the...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

Important: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

OESA-2026-2076 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot...

SUSE CVE-2026-31574

In the Linux kernel, the following vulnerability has been resolved: clockevents: Add missing resets of the nexteventforced flag The prevention mechanism against timer interrupt starvation missed to reset the nexteventforced flag in a couple of places: - When the clock event state changes. That ca...

Linux Distros Unpatched Vulnerability : CVE-2026-31574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - clockevents: Add missing resets of the nexteventforced flag The prevention mechanism against timer interrupt starvation missed to reset the nexteventforced flag...

CVE-2026-31574

A flaw was found in the Linux kernel's clock event handling. Missing resets of a critical flag can lead to timer interrupt starvation and system stalls. This vulnerability could allow an attacker to cause a denial of service DoS by making the system unresponsive. Mitigation Mitigation for this...

CVE-2026-31574

In the Linux kernel, the following vulnerability has been resolved: clockevents: Add missing resets of the nexteventforced flag The prevention mechanism against timer interrupt starvation missed to reset the nexteventforced flag in a couple of places: - When the clock event state changes. That ca...

DEBIAN-CVE-2026-31574

In the Linux kernel, the following vulnerability has been resolved: clockevents: Add missing resets of the nexteventforced flag The prevention mechanism against timer interrupt starvation missed to reset the nexteventforced flag in a couple of places: - When the clock event state changes. That ca...

EUVD-2026-25467

In the Linux kernel, the following vulnerability has been resolved: clockevents: Add missing resets of the nexteventforced flag The prevention mechanism against timer interrupt starvation missed to reset the nexteventforced flag in a couple of places: - When the clock event state changes. That ca...

CVE-2026-31574

CVE-2026-31574 concerns the Linux kernel clockevents subsystem. The issue arises from missing resets of the next_event_forced flag in several code paths, including during clock event state changes, when arming a non-forced event, and in the suspend wakeup handler. This can leave the flag stale ac...

CVE-2026-31574

In the Linux kernel, the following vulnerability has been resolved: clockevents: Add missing resets of the nexteventforced flag The prevention mechanism against timer interrupt starvation missed to reset the nexteventforced flag in a couple of places: - When the clock event state changes. That ca...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. CVE-2026-23243: RDMA/umad: Reject negative...