259 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cachefiles: The maximum subrequest size for cache writes has been set to MAXRWCOUNT. The maximum size of a subrequest that writes to cachefiles is now MAXRWCOUNT, ensuring that we do not exceed the maximum number of writes we can...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: Fixed a slab-out-of-bounds issue in cachefilessetvolumexattr. The actual length of volume coherence data should be used when setting the xattr value to avoid the following KASAN report. BUG: KASAN: Slab-out-of-boun...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Cyclic allocation of msgid to avoid reuse. Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed, resulting in a hung task, as shown below: t1 | t2 | t3...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Added missing lock protection when polling. Added missing lock protection in the poll routine when iterating the xarray. Otherwise, even with the RCU read lock held, only the slot of the radix tree is guaranteed to be...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: Fixed the dentry leak in cachefilesopenfile. A dentry leak may occur when a lookup cookie and a cull operation are performed concurrently. P1 | P2 -----------------------------------------------------------...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: cachefiles: fixed a memory leak in cachefilesaddcache The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== Unreferenced object...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cachefiles: corrected the incorrect dentry reference count in cachefilescull. The patch mentioned below changed cachefilesburyobject to expect two references to the ‘rep’ dentry. Three of the caller functions were changed to use...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: “cachefiles”: requests are removed from xarray during flushing requests. Even when the CACHEFILESDEAD flag is set, we can still read the requests. Therefore, in concurrent scenarios, a request may be accessed after it has been...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Wait for ondemandobjectworker to finish before dropping the object. When queuing ondemandobjectworker to re-open the object, cachefilesobject is not pinned. The cachefilesobject may be freed when the pending read...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Unmarking an inode as being in use in error paths The inode is marked as “in use” if an error occurs. If the marking of the inode as “in use” occurs in cachefilesopenfile, Cachefiles will report an error message sayin...
Linux Distros Unpatched Vulnerability : CVE-2026-43106
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below change...
CVE-2026-43106
A flaw was found in the Linux kernel's cachefiles module, which manages cached files. This vulnerability stems from an error in how the system counts references to certain file system objects, specifically within the cachefilescull function. When a reference is lost, it can lead to system...
EUVD-2026-27622
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below changed cachefilesburyobject to expect 2 references to the 'rep' dentry. Three of the callers were changed to use startremovingdentry which tak...
CVE-2026-43106
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below changed cachefilesburyobject to expect 2 references to the 'rep' dentry. Three of the callers were changed to use startremovingdentry which tak...
CVE-2026-43106
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below changed cachefilesburyobject to expect 2 references to the 'rep' dentry. Three of the callers were changed to use startremovingdentry which tak...
CVE-2026-43106
CVE-2026-43106 concerns the Linux kernel, specifically the cachefiles module. The issue is a faulty dentry reference accounting in cachefiles_cull() that could cause a lost reference, due to one code path not taking the extra reference required by cachefiles_bury_object(). The patch adjusts sever...
CVE-2026-43106 cachefiles: fix incorrect dentry refcount in cachefiles_cull()
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below changed cachefilesburyobject to expect 2 references to the 'rep' dentry. Three of the callers were changed to use startremovingdentry which tak...
CVE-2026-43106
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below changed cachefilesburyobject to expect 2 references to the 'rep' dentry. Three of the callers were changed to use startremovingdentry which tak...
PT-2026-37416
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefiles cull The patch mentioned below changed cachefiles bury object to expect 2 references to the 'rep' dentry. Three of the callers were changed to use start removing dentry whic...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013863)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013863 advisory. In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine...