Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do not recheck L1 intercepts when completing userspace I/O When completing emulation of instructions that generate a userspace exit for I/O, do not recheck L1 intercepts. This is because KVM has already completed that...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: VLAN: Enforcing the underlying device type Currently, VLAN devices can be created on top of non-Ethernet devices. This practice makes no logical sense and also causes a bug where the address of a kernel function is leaked to the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Added check for filling the poll mod list. In cases where the improtocols value is 1 and the tmprotocols value is 0, this combination successfully passes the check. This condition is specified as “if !improtocols &&...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: serial: max310x: fixed NULL pointer dereferencing in I2C instantiation When attempting to instantiate a max14830 device from userspace: echo max14830 0x60 /sys/bus/i2c/devices/i2c-2/newdevice the following error occurs: Unable...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Disallow anonymous sets with a timeout flag. Anonymous sets are never used with a timeout setting from the user space; therefore, this behavior should be rejected. An exception to this rule is NFTSETEVAL, to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cgroup: The cgroupgetfromid function must check that the looked-up key is a directory. The cgroup object must be a kernfs directory; otherwise, a kernel panic will occur, especially when the cgroup ID is provided from the user...

Astra Linux - уязвимость в linux

A vulnerability was discovered in the Linux kernel, where an information leak occurs through the ext4extentheader to the user space...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: removed two invalid BUGON functions. These vulnerabilities can be triggered trivially by userspace...

Astra Linux - уязвимость в linux-5.10, linux-5.15

The Linux kernel allows user-space processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL, which disables the speculation feature, as well as through the use of seccomp. We noticed that on virtual machines of at least one major cloud provider, the kernel still left the victim...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15, linux-6.1

An integer overflow flaw was discovered in the Linux kernel. This issue causes the kernel to allocate skbsharedinfo in the user space, which can be exploited in systems without SMAP protection, as skbsharedinfo contains references to function pointers...

Astra Linux - уязвимость в linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Conditional IBPB mitigation has been added. VMSCAPE is a vulnerability that exploits the insufficient branch predictor isolation between a guest and a userspace hypervisor such as QEMU. Existing mitigations already...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain The registers were initialized to prevent a stack leak into the user space...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: uprobes: Fixed a kernel information leak via “uprobes” vma. xoladdvma: Maps the uninitialized page allocated by createxolarea into user space. On some architectures x86, this memory is readable even without VMREAD or VMEXEC;...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RISCV: Vector: Fixed context saving/restoring with xtheadvector. Previously, only v0-v7 were correctly saved/restored, and the context of v8-v31 was corrupted. v8-v31 were correctly saved/restored to avoid breaking the user space...

FreeBSD Security Advisory - FreeBSD-SA-26:20.fusefs

FreeBSD Security Advisory - When a fusefs file system implements extended attributes, the kernel may send a FUSELISTXATTR message to the userspace daemon to retrieve the list of extended attributes for a given file. The FUSE protocol requires the daemon to return a packed list of NUL-terminated...

PT-2026-45478

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11 Linux kernel versions prior to 6.18.34 Linux kernel versions prior to 6.12.92 Linux kernel versions prior to 6.6.142 Linux kernel versions prior to 6.1.175 Linux kernel versions prior to 5.15.209 Linux...

[SECURITY] Fedora 43 Update: kernel-headers-7.0.6-100.fc43

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

[SECURITY] Fedora 44 Update: kernel-headers-7.0.6-200.fc44

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

Unity Linux 20.1060e / 20.1070e Security Update: openvswitch (UTSA-2026-017640)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017640 advisory. A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packe...

SUSE CVE-2026-43265

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...