Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - Do not allow gsosize to be set to GSOBYFRAGS. - A missing check in virtionethdrtoskb allowed syzbot to crash kernels again. Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel...

Astra Linux - уязвимость в qemu

A use-after-free vulnerability was discovered in the virtio-net device of QEMU. This vulnerability can occur when the address of the descriptor belongs to the non-direct access region, due to the numbuffers being set after the virtqueue elem has been unmapped. A malicious guest can exploit this...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: Fixed pages leaking when building skb in big mode. We attempt to use buildskb if there is sufficient “tailroom”. However, we forget to release the unused pages that are chained via private in big mode, which can lead ...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fixed the issue with xdprxqinfo after suspend/resume. The following sequence currently causes a driver bug warning when using virtionet: bash ip link set eth0 up echo mem /sys/power/state or e.g., rtcwake -s 10 -m mem ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: virtionet: Do not send RSS commands if the feature is not available on the device. There is a bug when setting RSS options in virtionet that can cause the entire machine to become unstable, leading to an infinite loop in the...

Astra Linux - уязвимость в qemu

A flaw was discovered in QEMU. The async nature of hot-unplug allows for a race condition, where the net device backend is cleared before the virtio-net PCI frontend is unplugged. A malicious guest could exploit this time window to trigger an assertion and cause a denial of service...

CLSA-2026-1779097389 qemu-kvm: Fix of CVE-2023-6693

fix CVE-2023-6693: virtio-net stack overflow via large guesthdrlen...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1708-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1708-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.6 fixes various security issues The following security issues were fixed: -...

SUSE-SU-2026:1804-1 Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.113 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1793-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1780-1 Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.255 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2026-23004: dst: fix races in rt6uncachedlistdel and...

SUSE-SU-2026:1771-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-71066: net/sched: ets: Always remove class from...

SUSE-SU-2026:1768-1 Security update for the Linux Kernel (Live Patch 39 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.161 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1765-1 Security update for the Linux Kernel (Live Patch 68 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.258 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2026-23004: dst: fix races in rt6uncachedlistdel and...

Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1733-1 Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1725-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

SUSE-SU-2026:1718-1 Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during...