Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fixed a possible use-after-free in nicstarcleanup The remove path of this module calls deltimer. However, that function does not wait until the timer handler is finished. This means that the timer handler may still ...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: atm: The atmdevmutex is released after removing procfs in atmdevderegister. syzbot reported a warning during atmdevregister. 0 Before creating a new device and procfs/sysfs for it, atmdevregister looks up a duplicate device...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: atm: Added lecmutex. The issue was discovered in net/atm/lec.c, where a error path was found in lecdattach. This path could leave a dangling pointer in devlec. A mutex was added to protect the use of devlec from lecdattac...

Astra Linux - уязвимость в linux-5.10, linux

The atmtcenqueue function in the net/sched/schatm.c file of the Linux kernel, as of version 6.1.4, allows attackers to cause a denial of service due to type confusion. In some cases, non-negative numbers can indicate a TCACTSHOT condition instead of valid classification results...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: atm: clip: A memory leak in the struct clipvcc structure has been fixed. The ioctlATMARPMKIP function allocates a struct clipvcc structure and sets it to vcc-userback. The code assumes that the vccDestroySocket function passes...

SUSE CVE-2026-43050

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: atm: Fix NULL pointer dereference When MPOAcacheimposrcvd receives the msg, it can trigger Null Pointer Dereference Vulnerability if both entry and holdingtime are NULL. Because there is only for the situation where entry is NULL...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: atm: clip: prevented NULL dereferencing in clippush The committed code failed to account for calls to vccDestroySocket where clippush is used with a NULL skb. If clipdevs is NULL, clippush then crashes when reading skb-truesize...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...

CVE-2026-43050 atm: lec: fix use-after-free in sock_def_readable()

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

CVE-2026-43050

In the Linux kernel, the following vulnerability has been resolved: atm: lec: fix use-after-free in sockdefreadable A race condition exists between lecatmclose setting priv-lecd to NULL and concurrent access to priv-lecd in sendtolecd, lechandlebridge, and lecatmsend. When the socket is freed via...

CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lecatmclose function in the atm lec driver not synchronizing the clearing of the priv-lecd pointer,...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

RHEL 7 : kernel-rt (RHSA-2026:10756)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10756 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013866)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013866 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we account skb-truesize to...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011384)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011384 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if copyfromiterfull fails. In vccsendmsg, we account skb-truesize to...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007555 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in toatmarpd. atmarpd is protected by RTNL since commit...

Automatic Teller Machines for Offline E-Cash

Electronic cash e-cash is a digital alternative to physical currency that allows anonymous transactions between users and merchants. Typically, coins in an e-cash scheme are only dispensed through a central bank. A drawback of this approach is that the bank is always on the critical path during...