Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: vdpa: Added a queue index attr to the vdpanlpolicy structure for checking nlattr lengths. The vdpanlpolicy structure is used to validate the nlattr during the parsing of incoming nlmsg messages. It ensures that the described...

CVE-2026-31420

CVE-2026-31420 affects Linux kernel bridge MRP interval handling. Vulerability arises when br_mrp_start_test/br_mrp_start_in_test accept a user-supplied interval from netlink with no validation; if interval is 0, the delay becomes zero and a tight loop can exhaust memory, causing an OOM kernel pa...

CVE-2023-54031

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr...

CVE-2023-53369 net: dcb: choose correct policy to parse DCB_ATTR_BCN

In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCBATTRBCN The dcbnlbcnsetcfg uses erroneous policy to parse tbDCBATTRBCN, which is introduced in commit 859ee3c43812 "DCB: Add support for DCB BCN". Please see the comment in below code...

kernel: vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check

An out-of-bounds read vulnerability was found in the Linux kernel's vDPA virtio Data Path Acceleration netlink interface. The vdpanlpolicy structure was missing the nlapolicy entry for the queue index attribute. Without proper validation, parsing netlink messages with this attribute could result ...