CVE-2026-43064

CVE-2026-43064 affects the Linux kernel’s dmaengine idxd, where the workqueue for a DSA/IAA device was not released on object release. The underlying cause is that the workqueue remained bound to the freed object, leading to resource leaks. The issue is now fixed: the workqueue is released after ...

PT-2026-37067

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the dmaengine idxd component where the workqueue associated with a Data Streaming Accelerator DSA or Intel Analytics Accelerator IAA device is not released when t...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal The devicedel function can cause new work to be scheduled in the gadget-workqueue. This issue is observed, for example, with the dwc3 driver, as follows: c devicedel...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue tasks on CPUs excluded from cpusmask. The following warning was triggered on a large machine during boot time in a distribution kernel; the same issue should also affect the mainline version of the...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before the interface was enabled. This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d “can: mcp251x: fix resu...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Do not destroy the workqueue from work items running on it. This issue was triggered by a decrease in the value of kref. The destroyworkqueue function may be called from within a work item to destroy its own...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: added flushworkqueue to prevent UAF. Our detector identified a bug caused by concurrent use-after-free when detaching a NCI device. The main reason for this bug is the unexpected scheduling between the delayed mechanism...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fixed the warning “checkFlushDependency” in file workqueue.c. In the commit aee2424246f9 “RDMA/iwcm: Fixed a use-after-free issue related to destroying CM IDs”, the function flushworkqueue was called to flush the iwcmw...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fixed an oops error when removing custom query handlers. When removing custom query handlers, the handler may still be used within the EC query workqueue. This could lead to a kernel oops if the module that holds the...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix flushcpuslab/freeslab invocations in task context. Commit 5a836bf6b09f "mm: slub: move flushcpuslab invocations freeslab invocations out of IRQ context" moved all flushcpuslab invocations to the global workqueue to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Use hdev-workqueue when scheduling hdev-cmd,ncmdtimer works. syzbot reports that an attempt is made to schedule hdev-cmdwork from systemwq to hdev-workqueue WQ, which is currently in a draining operation 1. Commit...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: server: splitting ksmbdrdmastoplistening out of ksmbdrdmaDestroy We cannot call destroyworkqueuesmbdirectwq; before stopsessions! Otherwise, existing connections will attempt to use smbdirectwq as a NULL pointer...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: parisc: led: Fix potential null-ptr-deref in starttask starttask calls createsinglethreadworkqueue, and the return value is not checked. This may result in a NULL return value. A null-ptr-deref could occur as a result: starttask...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Added a missing check for allocorderedworkqueue. Added a check on the return value of allocorderedworkqueue, as it may return a NULL pointer, leading to a NULL pointer dereferencing issue. Patchwork:...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: iwl4965 – Added a check for the return value of the createsinglethreadworkqueue function. The check is added to prevent NULL pointer dereferencing...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following issues: - Splat: 167.057718 BUG: Sleeping function called from invalid context at include/linux/sched/mm.h:229...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Added mutex protection for workqueue The workqueue may execute late, even after remoteproc is stopped or disabled. Some resources such as the rpmsg device and endpoint have been released in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: A possible memory leak has been fixed in stmmacdvrprobe. The bitmapfree function should be called to release priv-afxdpzcqps when createsinglethreadworkqueue fails. Otherwise, a memory leak will occur. Therefore, we...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Nouveau: The offload fence uevents function is now processed via the workqueue. This should prevent a deadlock between the fctx lock and the irq lock. The processing of uevents is offloaded from the irq to the workqueue...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “drm/msm: Add missing check and destroy for allocorderedworkqueue” This change reverts to the previous behavior in commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch attempted to fix the issues related to msmdrminit,...