30 matches found
UBUNTU-CVE-2026-43331
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after loadsegments The loadsegments function changes segment registers, invalidating GS base which KCOV relies on for per-cpu data. When CONFIGKCOV is enabled, any subsequent instrumented C...
CVE-2026-43331
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after loadsegments The loadsegments function changes segment registers, invalidating GS base which KCOV relies on for per-cpu data. When CONFIGKCOV is enabled, any subsequent instrumented C...
PT-2026-38982
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after load segments The load segments function changes segment registers, invalidating GS base which KCOV relies on for per-cpu data. When CONFIG KCOV is enabled, any subsequent instrumente...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can now be called from process context. tcpv6RtXsynack can now be called in process context, as explained in 0a375c822497 "tcp: tcpv6RtXsynack can be called from process context". tcpv6RtXsynack may call...
CVE-2026-31559
A flaw was found in the Linux kernel. During the system's initial startup, a critical error can occur if memory allocation fails while the system is reading CPU information. This is due to a missing check for empty or invalid data when duplicating strings, which can lead to a system crash,...
CVE-2026-23332
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix crash during turbo disable When the system is booted with kernel command line argument "nosmt" or "maxcpus" to limit the number of CPUs, disabling turbo via: echo 1...
CVE-2026-23332
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix crash during turbo disable When the system is booted with kernel command line argument "nosmt" or "maxcpus" to limit the number of CPUs, disabling turbo via: echo 1...
AZL-67166 CVE-2025-39749 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: rcu: Protect -deferqsiwpending from data race On kernels built with CONFIGIRQWORK=y, when rcureadunlock is invoked within an interrupts-disabled region of code 1, it will invoke rcureadunlockspecial, which uses an irq-work handle...
CVE-2025-39749
The CVE-2025-39749 issue is in the Linux kernel’s RCU read-side handling: when IRQ work is used (CONFIG_IRQ_WORK=y) and rcu_read_unlock() runs in an interrupts-disabled region, irq-work can interrupt rcu_read_unlock_special(), creating a data race on the per-CPU defer_qs_iw_pending field. The fix...
PT-2025-30807
Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 6.16.0-rc1 Description A flaw was discovered in the RISC-V architecture of the Linux kernel related to the handling of SBI Standardized Boot Interface and per-CPU data allocation when NUMA Non-Uniform Memory Acce...
DEBIAN-CVE-2023-53121
In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...
CVE-2025-21862 drop_monitor: fix incorrect initialization order
In the Linux kernel, the following vulnerability has been resolved: dropmonitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: /-1, .ownercpu: 0 CPU: 1 PID: 7995 Comm...
UBUNTU-CVE-2024-56617
In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Allocate memory during CPU hotplug if not done from the primary CPU Commit 5944ce092b97 "archtopology: Build cacheinfo from primary CPU" adds functionality that architectures can use to optionally allocate and build...
UBUNTU-CVE-2024-50036
In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...
CVE-2024-50036 net: do not delay dst_entries_add() in dst_release()
In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...
DEBIAN-CVE-2024-42126
In the Linux kernel, the following vulnerability has been resolved: powerpc: Avoid nmienter/nmiexit in real mode interrupt. nmienter/nmiexit touches per cpu variables which can lead to kernel crash when invoked during real mode interrupt handling e.g. early HMI/MCE interrupt handler if percpu...
AZL-47926 CVE-2024-40997 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc in amdpstateeppcpuinit is not freed in the analogous exit function, so fix that. rjw: Subject and changelog edits...
UBUNTU-CVE-2024-40997
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc in amdpstateeppcpuinit is not freed in the analogous exit function, so fix that. rjw: Subject and changelog edits...
CVE-2023-3640
CVE-2023-3640 – summary (Linux kernel x86 per-CPU entry area leak) A local memory leakage flaw was identified in the Linux kernel’s cpu_entry_area mapping for X86, enabling a local user to infer addresses of exception stacks and other kernel data. The vulnerability stems from partial randomness o...
CVE-2023-0597
A flaw possibility of memory leak in the Linux kernel cpuentryarea mapping of X86 CPU data to memory was found in the way user can guess location of exception stacks or other important data. A local user could use this flaw to get access to some important data with expected location in memory...