PT-2026-37576

In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix use-after-free of drm crtc commit after release The atmel hlcdc plane atomic duplicate state callback was copying the atmel hlcdc plane state structure without properly duplicating the drm plane state. In...

JLSEC-2026-421 libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection...

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix memory leak by freeing untracked persist buffer One internal buffer which is allocated only once per session was not being freed during session close because it was not being tracked as part of internal buffer li...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: fixed the issue where use-after-free occurs in iucvsockclose. The iucvpathseverpath function is called from both process context and thread context. iucv-path is used as an indicator to determine whether someone else...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close netlink supports iterative dumping of data. It provides the following operations: - start – Optional Initiates the dumping process. - dump – The actual dumping process; this...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fixed invalid page access after closing deferred I/O devices When a fbdev with deferred I/O is opened and then closed, the dirty pages remain in the pageref list. Eventually, those pages may be processed during the delayed...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: filelock: Fixed the race condition recovery mechanism for fcntl/close operations. When I wrote the commit 3cad1bc01041 “filelock: Remove locks reliably when a fcntl/close race is detected”, I overlooked the fact that there were t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed a race condition related to unaccepted mptcp sockets. When the listener socket that owns the relevant request is closed, it frees the unaccepted subflows, which causes the paired MPTCP sockets to be deleted later. Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed NULL dereferencing and use-after-free in smctcpsynrecvsock Syzkaller reported a panic in smctcpsynrecvsock. smctcpsynrecvsock is called in the TCP receive path softirq via icskafops-synrecvsock on the clcsock TCP...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak on the deferred close xfstests on smb21 report kmemleak as below: unreferenced object 0xffff8881767d6200 size 64: comm "xfsio", pid 1284, jiffies 4294777434 age 20.789s hex dump first 32 bytes: 80 5a d0 11 8...

Astra Linux - уязвимость в openimageio

There are multiple code execution vulnerabilities in the IFFOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to exploit these vulnerabilities...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2closecachedfid findorcreatecacheddir could grab a new reference after krefput had seen the refcount drop to zero but before cfidlistlock is acquired in smb2closecachedfid, leading to...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/handshake: Fix handshakereqdestroytest1 Recently, the handshakereqdestroytest1 test started failing: The expected value of handshakereqdestroytest should be req, but the actual value is 0000000000000000. The correct value...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fbnic: Move phylink resume out of servicetask and into open/close The fbnic driver was experiencing the following locking assertion when executing PM resume: 42.208116 T164 RTNL: assertion failed at drivers/net/phy/phylink.c 2611...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed under inconsistent locking: some paths read and modify mflags under...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Check for any of tcpbpfprots when cloning a listener A listening socket linked to a sockmap has its skprot overridden. It points to one of the struct proto variants in tcpbpfprots. The variant depends on the socket'...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential oops in cifsoplockbreak With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplockresponse, this can mean that an unmount...

Astra Linux - уязвимость в jackd2

In posix/JackSocket.cpp within the libjack library in JACK2 version 1.9.1 through 1.9.12 distributed with alsa-plugins 1.1.7 and later, there is an issue where “double file descriptor closes” occur during a failed connection attempt when jackd2 is not running. Successful exploitation depends on t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and closectree Syzbot reported an assertion failure due to an attempt to add a delayed iput after we have set BTRFSFSSTATENODELAYEDIPUT in the fsinfo state: WARNING: CPU: 0 PID: 65 at...