Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: AppArmor: A memory leak has been fixed in allocns. After changes in commit a1bd627b46d1 “AppArmor: sharing the profile name during replacement”, the hname member of the struct aapolicy is not a valid slab object; however, it is a...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: lib/alloctag: do not acquire non-existent lock in alloctagtopusers alloctagtopusers attempts to lock alloctagcttype-modlock even when the alloctagcttype is not allocated because: 1 alloc tagging is disabled because mem profiling ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: misc: miscminoralloc to use ida for all dynamic/misc dynamic minors miscminoralloc was allocating id using ida for minor only in case of MISCDYNAMICMINOR but miscminorfree was always freeing ids using idafree causing a mismatch a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Calls to drmputdev have been removed. Since the allocation of the driver’s main structure was changed, the responsibility to trigger the freeing of the structure should be handled by devres. However, drmputdev still...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We should always destroy cmid before destroy qp to avoid to get cma event after qp was destroyed, which may lead to use after free. In RDMA connection establishme...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mcb: Error handling in mcballocbus has been fixed. There are two bugs: 1 If idasimpleget fails, this code calls putdevicecarrier. However, we have not yet called getdevicecarrier, and this may lead to a use-after-free situatio...

Astra Linux - уязвимость в ffmpeg

There is a denial-of-service vulnerability in FFmpeg 4.2 due to a memory leak in the vframealloc function in frame.c...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: In the zone operation, the code must traverse devices under the chunkmutex in btrfscanactivatezone. The btrfscanactivatezone function can be called with the devicelistmutex already held, which could lead to a deadlock. ...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: A sanity check was performed on curseg-alloctype. As Wenqing Liu reported in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215657 - Overview In the UBSAN library, an array-index-out-of-bounds exception occurred at li...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: android:binder: stop saving a pointer to the VMA. Do not record a pointer to a VMA outside of the mmaplock for later use. This is unsafe, and there are several failure scenarios after the recorded VMA pointer may be freed during...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: devres: A memory leak caused by the driver API devmfreepercpu has been fixed. A memory leak occurs when the driver API devmfreepercpu is used to release memory allocated by devmallocpercpu. This issue was addressed by using...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/slab: Added alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be observed: 3959.023862 ------------ Cut here ------------ 3959.023891 alloctag was not...

CVE-2026-31721

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

CVE-2026-43011

The CVE-2026-43011 issue concerns the Linux kernel net/x25 path where a skb may be freed twice due to a double-free path: if alloc_skb fails in x25_queue_rx_frame, kfree_skb(skb) is called, and later x25_backlog_rcv may free the same skb again, causing a crash/DoS. Public advisories confirm this ...

CVE-2026-31721

CVE-2026-31721 affects the Linux kernel USB gadget subsystem, specifically the f_hid driver. The issue arises from initializing wait queues (poll_wait) with init_waitqueue_head inside hidg_bind, which re-initializes queues that may still contain items when the HID gadget is bound/unbound and epol...

CVE-2026-31721 usb: gadget: f_hid: move list and spinlock inits from bind to alloc

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

CVE-2026-31721

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

PT-2026-36378

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the zynqmp nvmem component of the nvmem subsystem where an incorrect buffer size is used during DMA allocation and memory copying. This can result in undersized DMA...

PT-2026-36356

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the USB gadget HID function where list and spinlock initializations were performed during the bind process. Specifically, queues registered via poll wait were...