Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939SESSIONdeactivate The statement “j1939SESSIONdeactivate should be called with a session ref-count of at least 2” is incorrect. In some concurrent scenarios, j1939SESSIONdeactivate can be...

Astra Linux - уязвимость в qemu

A “off-by-one” read/write issue was identified in the SDHCI device of QEMU. This issue occurs when reading/writing the Buffer Data Port Register using the sdhcireaddataport and sdhciwritedataport functions, specifically when datacount == blocksize. A malicious guest could exploit this flaw to cra...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In the isotprcv function, there is a potential issue where race conditions may occur during CAN frame reception. When receiving a CAN frame, the current code logic does not consider processes that are not actually running in...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvme: Fixed a possible use-after-free condition during controller reset during loading. Unlike .queuerq, in .submitasyncevent, drivers may not check the state of ctrl before submitting an AER. This can lead to a use-after-free...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: xhci: Remove device endpoints from the bandwidth list when freeing the device. Endpoints are normally deleted from the bandwidth list when they are dropped, before the virt device is freed. If the xHCI host is dying or being...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Remove the “MHI autoqueue” feature for IPCR DL channels. The MHI stack provides the “autoqueue” feature, which allows the MHI stack to automatically queue buffers for the RX path DL channels. Although this feature...

Astra Linux - уязвимость в linux, linux-5.10

A flaw was discovered in the Linux kernel’s KVM when attempting to set the SynIC IRQ. This issue allows a malfunctioning VMM to write to the SYNIC/STIMER MSRs, leading to a NULL pointer derefrence error. This flaw enables an unprivileged local attacker on the host to issue specific ioctl calls,...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check that the endpoint is valid before dereferencing it When the host controller is not responding, all URBs User-Randomized Block Structures queued for all endpoints need to be terminated. This can cause a kernel pan...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: fixed leaks when hcicmdsyncqueueonce fails When hcicmdsyncqueueonce returns an error, the destroy callback will not be called. Fixed the issue of leaking references/memory in cases where this error occurs...

Astra Linux - уязвимость в linux

A flaw was discovered in the KVM’s AMD code, responsible for supporting SVM nested virtualization. The flaw occurs during the processing of the VMCB virtual machine control block provided by the L1 guest, which is used to spawn or handle a nested guest L2. Due to improper validation of the “intct...

Astra Linux - уязвимость в linux

A flaw was discovered in the CAN BCM networking protocol within the Linux kernel. A local attacker can exploit this flaw in the CAN subsystem to corrupt memory, cause the system to crash, or escalate privileges. This race condition in the net/can/bcm.c file of the Linux kernel allows for local...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing the OPCINBSETCONTROLLERCONFIG command. The tags allocated for the OPCINBSETCONTROLLERCONFIG command need to be freed when we receive the response...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on startstreaming failure Buffers are returned if streaming fails to start due to a uvcpmget error. This bug may be responsible for the warning that I encountered during testing. The issue...

Astra Linux - уязвимость в qemu

A out-of-bounds heap buffer access issue was identified in the ARM Generic Interrupt Controller emulator of QEMU, as of and including qemu 4.2.0 on the aarch64 platform. The issue arises because, when writing an interrupt ID to the controller’s memory area, it is not masked to be 4 bits wide. Thi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: – Parsing the DT Device Tree for flashes along with the rest of the DT parsing. The recent refactoring of the code responsible for enabling runtime PM was implemented in the commit f1eb4e792bb1 „spi:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: EDAC/mc: Fixed the error path ordering in edacmcalloc. When the mci-pvtinfo allocation in edacmcalloc fails, the error path will call putdevice, which will ultimately call the device’s release function. However, the...

Astra Linux - уязвимость в qemu

A heap-based buffer overflow was discovered in QEMU version 5.0.0 in the SDHCI device emulation support. This vulnerability could occur during a multi-block SDMA transfer using the sdhcisdmatransfermultiBlocks routine in the hw/sd/sdhci.c file. A malicious user or process could exploit this flaw ...

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

CVE-2026-42945 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller...

GHSA-GCGV-V5GF-C543 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller...