Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cgroup, freezer: Hold cpuhotpluglock before freezermutex. syzbot reports a circular locking dependency between cpuhotpluglock and freezermutex. To address this issue, commit f5d39b020809 “freezer,sched: Rewrite core freezer...

OPENSUSE-SU-2026:20912-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: using cpuhpstateremoveinstancenocalls instead of cpuhpstateremoveinstance so that the notifications do not execute after the PMU device has been unregistered. When removing the ‘hisihns3’ PMU, we accidentally...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: x86/fpu: Keep xfdstate synchronized with MSRIA32XFD. The commits 672365477ae8 "x86/fpu: Update XFD state where required" and 8bf26758ca96 "x86/fpu: Add XFD state to fpstate" introduced a per-CPU variable xfdstate to maintain t...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: firmware: armsdei: Fix sleep from invalid context BUG Running a preempt-rt v6.2-rc3-rt1 based kernel on an Ampere Altra triggers: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic: 0,...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Do not offline the last non-isolated CPU. If a system has isolated CPUs via the “isolcpus=” command-line parameter, then attempting to offline the last housekeeping CPU will result in a WARNON message when rebuilding...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential deadlock in CPU hotplug with osnoise. The following sequence may lead to a deadlock in CPU hotplug: task1 task2 task3 ----- ----- ----- The code sequence is as follows: mutexlock&interfacelock CPU GOING...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove the cpuhp instance node before removing the cpuhp state The functions cpuhpstateaddinstance and cpuhpstateremoveinstance should be used in pairs. Otherwise, a warning will be issued during the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sched/scs: The task stack state is reset in bringupcpu. When a CPU is hot-plugged, the idle task on that CPU calls several layers of C code before finally leaving the kernel. When KASAN is in use, a “poisoned” shadow is left behi...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash when I/O abort times out While performing CPU hotplug, a crash with the following stack was seen: Call Trace: qla24xxprocessresponsequeue+0x42a/0x970 qla2xxx qla2x00startnvmemq+0x3a2/0x4b0 qla2xxx...

tracing: Fix potential deadlock in cpu hotplug with osnoise

...

SUSE CVE-2026-31480

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- ----- mutexlock&interfacelock CPU GOING OFFLINE cpuswritelock; osnoisecpudie;...

CVE-2026-31480

A flaw was found in the Linux kernel. A local attacker or a user with specific privileges could exploit a race condition during CPU hotplug operations, specifically when using the 'osnoise' tracing feature. This vulnerability can lead to a system deadlock, rendering the system unresponsive and...

EUVD-2026-24839

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- ----- mutexlock&interfacelock CPU GOING OFFLINE cpuswritelock; osnoisecpudie;...

CVE-2026-31480

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- ----- mutexlock&interfacelock CPU GOING OFFLINE cpuswritelock; osnoisecpudie;...

CVE-2026-31480

CVE-2026-31480 concerns a Linux kernel deadlock in CPU hotplug when tracing with osnoise. The vulnerability arises from a lock-ordering issue: a mutex_lock on interface_lock is taken while osnoise_sleep() and subsequent actions hold cpu hotplug state, followed by cpus_read_lock(), which can cause...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013523 advisory. In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, t...

PT-2026-34385

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential deadlock exists in the tracing component during CPU hotplug operations involving osnoise. The issue occurs when a specific sequence of events involving mutex lock&interface...

Linux Distros Unpatched Vulnerability : CVE-2026-31480

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- -----...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013689 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhpstateremoveinstancenocalls for hisihns3pmu uninit process When teari...