Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Check the device status before requesting flushing. If a PMEM device is in an invalid state, the driver could wait indefinitely for the host acknowledgment in virtiopmemflush, causing the system to hang. Therefore, a...

UBUNTU-CVE-2026-23198

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVMIRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvmarchirqbypassdelproducer on x86 and arm64, which explicitly...

CVE-2026-23158

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...

CVE-2026-23158

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...

EUVD-2026-5880

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses guardmutex to protect the device structure. However, the device is freed before the guard cleanup runs, causing mutexunlock to operate ...

CVE-2026-23105 net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...

PT-2026-8153

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the gpio-virtuser configfs release path. The device structure is freed before the guard cleanup runs, causing mutex unlock to operate on freed memory...

CVE-2025-40147

CVE-2025-40147 (Linux kernel) describes an access race in blk-throttle during throttle policy activation, where a NULL throttle policy state could be dereferenced during early initialization. The connected documents specify a fix that tightens the activation check: return q->td != NULL && test...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check that the shadow stack is activated when using the shadow stack, which could result in a...

SUSE CVE-2024-50184

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: Check device status before requesting flush If a pmem device is in a bad status, the driver side could wait for host ack forever in virtiopmemflush, causing the system to hang. So add a status check in the beginning o...