Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: pcigeneric: Remove the WQMEMRECLAIM flag from the state workqueue. A recent change created a dedicated workqueue for the state-change work, with WQHIGHPRI and WQMEMRECLAIM flags. However, the state-change work...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: Do not reallocate the workqueue every time an interface is added. The commit 09ed8bfc5215 “wilc1000: Rename the workqueue from “WILCwq” to “NETDEV-wq” moved the creation of the workqueue in wilcnetdevifcinit, in...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: IB/mlx5: Fixed error handling during the init stage to avoid double-freeing of the same QP and UAF. In the unlikely event that workqueue allocation fails and returns NULL in mlx5mkeycacheinit, delete the call to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed a deadlock between the devlink lock and esw-wq. When esw-workqueue executes eswfunctionschangedeventhandler, eswvfschangedeventhandler acquires the devlink lock. The code at eswvfschangedeventhandler calls...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net.manap: Null servicewq on setup error to prevent double destruction. In the managdsetup error path, set gc-servicewq to NULL after destroyworkqueue, to match the cleanup in managdcleanup. This prevents a use-after-free if the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Moving vbus draw to the workqueue context Currently, the dwc3gadgetvbusdraw function can be called from an atomic context. This, in turn, invokes APIs from the power-supply-core. Some of these PMIC APIs have...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fix for use-after-free in the encoder release path. The fopsvcodecrelease function frees the context structure ctx without first canceling any pending or ongoing operations in ctx-encodework. This creates...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed the issue where the workqueue was not released upon calling .release. The workqueue associated with a DSA/IAA device is not released when the object is freed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed an issue where double destroyworkqueue occurred during the service rescan PCI path operation. While testing corner cases in the driver, a use-after-free crash was discovered during the service rescan PCI path...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: moving async event work off nvmet-wq For the target function nvmetctrlfree, the variable ctrl-asynceventwork is flushed. If nvmetctrlfree runs on nvmet-wq, the flush re-enters the workqueue completion for the same worker. ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021564)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021564 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when t...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021614)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021614 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: omapdrm: Add missing check for allocorderedworkqueue As it may return NULL pointer and cause...

SUSE CVE-2026-43468

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

SUSE CVE-2026-43440

In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...

SUSE CVE-2026-43170

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

CVE-2026-43440

A flaw was found in the Linux kernel's net/mana network driver. An error in the managdsetup function's cleanup process could result in a use-after-free vulnerability. This occurs because the servicewq workqueue pointer is not correctly nulled after destruction during setup errors, which could all...

Linux Distros Unpatched Vulnerability : CVE-2026-43468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devli...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol CVE-2025-38192 In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access CVE-2025-38704 In...

EUVD-2026-28774

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

EUVD-2026-28746

In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...