CVE-2026-45837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...

CVE-2026-45837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...

EUVD-2026-32163

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but never registers the child VMA in arena-vmalist. The vml-vma always points at the parent VMA, so after parent munmap the pointer dangles. If...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the OpenVPN TCP transmission process. When the socket is closed in the user space, the...

CVE-2026-45866

serial: caif: fix use-after-free in caifserial ldiscclose...

Linux Distros Unpatched Vulnerability : CVE-2026-45837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix use-after-free in arenavmclose on fork arenavmopen only bumps vml-mmapcount but nev...

CVE-2026-45837

bpf: Fix use-after-free in arenavmclose on fork...

CVE-2026-45977

fbnic: close fwlog race between users and teardown...

CLSA-2026-1779581056 qemu-kvm: Fix of CVE-2025-11234

CVE-2025-11234: fix use-after-free in QIOChannelWebsock handshake by tracking the handshake GSource id and removing it on close/finalize...

CVE-2026-45251 Kernel use-after-free via file descriptor syscalls

A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object being freed while the thread remains blocked. In this situation, t...

FreeBSD : FreeBSD -- Kernel use-after-free via file descriptor syscalls (ee21f41f-54b5-11f1-8d7a-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ee21f41f-54b5-11f1-8d7a-bc241121aa0a advisory. A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - Fixed bitmap corruption when using CLOSERANGEUNSHARE with closerange. - The function copyfdbitmapsnew, old, count is expected to copy the first count/BITSPERLONG bits from old-fullfdsbits and fill the rest with zeros. It...

Astra Linux - уязвимость в linux-5.15, linux-6.1, linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: TLS: Fixed a race condition between TX work scheduling and socket closure. Similar to previous commits, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. It’s more logical to...

Astra Linux - уязвимость в openimageio

There are multiple code execution vulnerabilities in the IFFOutput::close function of the OpenImageIO Project, specifically in OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to exploit these vulnerabilities...

Astra Linux - уязвимость в exim4

Exim 4 before 4.94.2 allows exposure of file descriptors to an unintended control sphere, because rdainterpret uses a privileged pipe without the closeonexec flag...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tee, amdtee: fixed the use-after-free vulnerability in amdteeclosesession. There is a potential race condition in amdteeclosesession that may cause a use-after-free in amdteeopenSession. For example, if a session has a referen...

Astra Linux - уязвимость в openimageio

A denial-of-service vulnerability exists in the DPXOutput::close function of the OpenImageIO Project, version 2.4.4.2. A specially crafted ImageOutput object can lead to a null pointer dereferencing issue. An attacker can provide malicious input to trigger this vulnerability...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: filelock: Removes locks reliably when a race between fcntl/close operations is detected. When the fcntlsetlk operation races with the close operation, the created lock is removed using dolockfilewait. However, LSMs may allow t...

Astra Linux - уязвимость в linux

A issue was discovered in the Linux kernel before version 5.10. The file drivers/infiniband/core/ucma.c contains a use-after-free, as the context of the ctx variable is accessed through ctxlist in certain situations where ucmamigrateid is called, specifically when ucmaclose is invoked. This issue...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: FSI: Occ: Prevent use after freeing. Use getdevice and putdevice in the open and close functions to ensure that the device does not become free while a file descriptor is open. Additionally, lock around the freeing of the device...