CVE-2026-46137

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...

UBUNTU-CVE-2026-46137

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...

PT-2026-44260

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the Multipath TCP MPTCP implementation. The mptcp pm add timer helper function, which operates as a timer callback in softirq context, fails to properly hold the...

CVE-2026-45871 tpm: st33zp24: Fix missing cleanup on get_burstcount() error

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Media: usbtv: Resolution lock-up during streaming When a program is streaming e.g., ffplay and another program changes the TV standard from NTSC to PAL, the kernel crashes due to attempting to copy to unmapped memory. Changing fr...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests that were allocated using sockkmalloc were left uninitialized. This caused problems as callers had to explicitly set t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active. Exiting to userspace will generate a spurious userspace exit, usually...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Avoid scheduling in rtasosterm. It is unsafe to use rtasbusydelay to handle a busy status from the IBM,os-term RTAS function in rtasosterm: Kernel Panic – Not Syncing: Attempted to kill init! Exitcode = 0x0000000b...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: Fixed an infinite busy loop after the timeout period has expired. After the commit 0a65bc27bd64 “eventpoll: Sets the epoll timeout if it’s in the future”, the following program would immediately enter an infinite bu...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed a race condition related to the per-CQ variable napiworkdone. After calling napicompletedone, the NAPIFSTATESCHED bit may be cleared, allowing another CPU to start a napi thread and access the per-CQ variable...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the inode leak in btrfsiget. BUG There is a bug report that a syzbot reproducer can cause the following issue: A busy inode occurs at the time of unmount: - BTRFS info device loop1: Last unmount of the filesystem...

CVE-2026-43493

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAYBACKLOG requests MAYBACKLOG requests can return EBUSY. Handle them by checking for that value and filtering out EINPROGRESS notifications...

CVE-2026-43493

CVE-2026-43493 affects the Linux kernel crypto/pcrypt code and concerns MAY_BACKLOG handling. MAY_BACKLOG requests could return EBUSY; the fix adds a check for EBUSY and filters out EINPROGRESS notifications, addressing potential processing instability. The vulnerability is resolved in the Linux ...

CVE-2026-43493

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAYBACKLOG requests MAYBACKLOG requests can return EBUSY. Handle them by checking for that value and filtering out EINPROGRESS notifications...

PT-2026-41875

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the pcrypt crypto component regarding the handling of MAY BACKLOG requests. These requests can return an EBUSY error, which requires proper handling by checking for th...

CVE-2026-43326

A flaw was found in the Linux kernel, specifically within the schedext component. This vulnerability can lead to a system-wide deadlock, causing a Denial of Service DoS where the system becomes unresponsive. The issue arises when the kernel's scheduling mechanism enters a busy-wait state in a...

DEBIAN-CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

UBUNTU-CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

SUSE CVE-2026-43381

In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drmdp then just tell it the device is busy instead of crashing in the GSP code. WARNING: CPU: 2 PID:...

Linux Distros Unpatched Vulnerability : CVE-2026-43388

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/core: clear walkcontrol on inactive context in damoswalk damoswalk sets ctx-walkcontrol to the caller-provided control structure before checking whethe...