Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: preserved skbendoffset in skbunclonekeeptruesize syzbot discovered another way to trigger the infamous WARNONONCE delta truesize, and also ensure that TCP does not fill the new tailroom that skbexpandhead could obtain fro...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: PCI: Free releases resources after coalescing. The releaseresource function does not actually free the resource or the resource list. To avoid a leak, the resource list entry is freed instead...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: skbuff: fixed the coalescing behavior for pagepool fragment recycling. Fixed a use-after-free issue when using pagepool with page fragments. We encountered this problem during normal RX processing in the hns3 driver: 1 Initially,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/pagealloc: The migrate type of all pageblocks during coalescing has been changed. When a page is freed, it coalesces with a buddy page into a higher-order page whenever possible. When the migrate type of the buddy page...

CVE-2026-46115

In the Linux kernel block subsystem, CVE-2026-46115 was addressed by adding a check so that zone_device_pages_have_same_pgmap() prevents merging bvec segments that span different dev_pagemaps in biovec_phys_mergeable. Root cause: biovec_phys_mergeable() did not verify that two physically contiguo...

net: skbuff: preserve shared-frag marker during coalescing

...

Unbreakable Enterprise kernel security update: Fragnesia

5.15.0-320.202.8.5 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420565 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420565...

Unbreakable Enterprise kernel security update: Fragnesia

6.12.0-202.76.4.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420559 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420559...

Unbreakable Enterprise kernel security update: Fragnesia

5.4.17-2136.355.3.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420568 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420568...

CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

CVE-2026-43503

The CVE-2026-43503 entry concerns Linux kernel net/skbuff handling: when frags are moved by frag-transfer helpers (notably __pskb_copy_fclone() and skb_shift()), the SKBFL_SHARED_FRAG flag was not propagated to the destination skb, causing destination pages to remain shared while skb_has_shared_f...

CVE-2026-43503 net: skbuff: propagate shared-frag marker through frag-transfer helpers

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

EUVD-2026-31536

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vsock/virtio: Only linear skb values are coalesced. In vsock/virtio common, attempts to coalesce buffers in the rx queue: if a linear skb with a spare tail room is followed by a small skb whose length is limited by GOODCOPYLEN...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed a possible crash in bnxthwrmsetcoal During the error recovery sequence, the rtnllock is not held for the entire duration, and some data structures may be freed during this process. Instead of checking netifrunning,...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: skbuff: Fixed a race condition between coalescing and releasing SKBs. The commit 1effe8ca4e34 “skbuff: fixing coalescing for pagepool fragment recycling” allowed coalescing to proceed with non-page pool pages when @from is cloned...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013513)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013513 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 skbuff: fix coalesci...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013477 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool...

CLSA-2026-1776782592 nodejs: Fix of 2 CVEs

CVE-2026-26996: fix ReDoS in bundled minimatch caused by consecutive non-globstar characters, by coalescing them during pattern compilation - CVE-2026-27904: fix ReDoS in bundled minimatch from nested extglobs and multiple non-adjacent wildcards, by limiting globstar recursion...