Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: usbnet: Prevents “free active kevent” The root causes of this issue are as follows: 1. When probing the usbnet device and executing usbnetlinkchangedev, 0, 0, the kevent operation is placed in the global workqueue. However, th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Fixed a possible overflow in the DPE length check. Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. We have moved the...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: sanity check for maxpacket. A value of 0 for maxpacket makes no sense, and it causes an error because we need to divide by it. Fixed. In version 2: typos in the log have been corrected, and stylistic issues have also been...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: usb: aqc111: Fixed error handling of usbnet read calls Syzkaller, with the help of syzbot, identified an error in the aqc111 driver. This error was caused by incomplete sanitization of the results of usbnet read calls. Th...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnetwritecmdasync mixed up which buffers need to be freed in which error case. v2: add Fixes tag v3: fix uninitialized buf pointer...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net: usb: fixed a memory leak in smsc75xxbind Syzbot reported a memory leak in smsc75xx Bind. The issue occurred when memory was not freed after memory allocation due to errors. Backtrace: kmalloc include/linux/slab.h:556 inline...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fixed the use-of-memory issue after a disconnection. usbnet uses the usbnetdeferredkevent function to perform tasks that may sleep. When a connection is disconnected, the completion of these tasks was originally expected ...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: In usbnet, there is a flaw where unregisternetdev is called before unbind. The commit with the commit ID 2c9d6c2b871d “usbnet: run unbind before unregisternetdev” was intended to fix a use-after-free issue when disconnecting USB...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: Fixed the DPE OoB read issue. A buffer-overflow vulnerability related to DPE reads has been addressed. The number of DPEs processed is limited to the amount that fits within the fixed-size NDP16 header...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usbnet: gl620a: fix endpoint checking in genelinkbind Syzbot reports 1 a warning in usbsubmiturb triggered by inconsistencies between expected and actually present endpoints in gl620a driver. Since genelinkbind does not properly...

CLSA-2026-1777616064 kernel: Fix of 260 CVEs

crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013186)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013186 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem i...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006970)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006970 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem i...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006766)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006766 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem i...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50171)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50171 advisory. - macvlan: fix error recovery in macvlancommonnewlink Eric Dumazet Orabug: 39057366 CVE-2026-23209 - netfilter: nftables: fix inverted genmask check in...

OESA-2026-1762 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2026-1313)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: mpt3sas: Fix crash in transport port remove by using iocinfoCVE-2025-40115 scsi: target: Fix WRITESAME No Data Buffer crashCVE-2022-21546...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50145)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50145 advisory. - macvlan: fix error recovery in macvlancommonnewlink Eric Dumazet Orabug: 39057366 CVE-2026-23209 - netfilter: nftables: fix inverted genmask che...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50112)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50112 advisory. - tls: Use skdstget and dstdevrcu in getnetdevforsock. Kuniyuki Iwashima Orabug: 38649136 CVE-2025-40149 - fuse: fix runtime warning on...