CVE-2026-46240

A flaw was found in the Linux kernel, specifically within the media: iris driver. This vulnerability, a use-after-free, occurs when a buffer is prematurely freed by sessionreleasebuf while irisreleaseinternalbuffers continues to access it. This improper handling of memory can lead to system...

CVE-2026-46240

The CVE-2026-46240 issue affects the Linux kernel iris driver. A use-after-free occurs when iris_release_internal_buffers() accesses a buffer after session_release_buf() frees it, caused by a regression from a change that destroys internal buffers after FW releases. The documented fix sets BUF_AT...

EUVD-2026-32486

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the gfs2 file system’s gfs2fillsuper function. The improper handling of this function, particular...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fixed invalid buffer access for legacy rq The following crash can occur when using xdpsock in RX mode for legacy rq: the buffer is released in the XDPREDIRECT path, and then again in the driver. This fix sets a fl...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double calls to brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying to free a free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 brelse+0x67/0xa0 ... Call trace:...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: ext4: fixed an issue where the buffer of extents was freed twice. In ext4exttrytomergeup, the path1.pbh was set to NULL after it was released. Otherwise, it might be released twice. An example of what triggers this is as...

SUSE CVE-2026-43153

In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfsattrleafhasname The calling convention of xfsattrleafhasname is problematic, because it returns a NULL buffer when xfsattr3leafread fails, a valid buffer when xfsattr3leaflookupint returns -ENOATTR or -EEXIST, and ...

EUVD-2026-27714

In the Linux kernel, the following vulnerability has been resolved: Revert "media: iris: Add sanity check for stop streaming" This reverts commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. Revert the check that skipped stopstreaming when the instance was in IRISINSTERROR, as it caused multiple...

CVE-2026-43153

In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfsattrleafhasname The calling convention of xfsattrleafhasname is problematic, because it returns a NULL buffer when xfsattr3leafread fails, a valid buffer when xfsattr3leaflookupint returns -ENOATTR or -EEXIST, and ...

CVE-2026-43225

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix memory leak on failure path cfg80211informbssframe may return NULL on failure. In that case, the allocated buffer 'buf' is not freed and the function returns early, leading to potential memory leak. Fix th...

CVE-2026-43153

CVE-2026-43153 affects the Linux kernel’s XFS attribute handling: the function xfs_attr_leaf_hasname has an problematic calling convention that can mishandle buffers. The fix is to open-code xfs_attr_leaf_hasname in callers so each caller of xfs_attr3_leaf_read manages buffer release. The issue i...

CVE-2026-43153 xfs: remove xfs_attr_leaf_hasname

In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfsattrleafhasname The calling convention of xfsattrleafhasname is problematic, because it returns a NULL buffer when xfsattr3leafread fails, a valid buffer when xfsattr3leaflookupint returns -ENOATTR or -EEXIST, and ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with the function call convention in the xfs driver’s xfsattrleafhasname function. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fslucchdlc driver’s improper handling of continuously allocated buffers during cleanup, causi...

PT-2026-37493

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A problem exists in the XFS filesystem component where the xfs attr leaf hasname function has a problematic calling convention. The function may return a NULL buffer if xfs attr3 leaf re...

CVE-2026-43066

CVE-2026-43066: In Linux kernel ext4_fc_replay_inode(), iloc.bh leak could occur on error paths due to missing brelse at several failure points. The patch adds an out_brelse label before the existing out label to ensure iloc.bh is released, and also makes ext4_fc_replay_inode() propagate errors i...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeuerx We can't dereference "skb" after calling vcc-push because the skb is released...

Astra Linux - уязвимость в linux-5.10, linux

drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev-buf release...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed the buffer release/clearing order in the deferred receive path. A use-after-free condition was addressed by correcting the buffer release sequence in the deferred receive path. The code first releases the RQ...