Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a race condition between CPU buffer writes and swapping operations. A warning occurred in rbendcommit at the following line of code: if RBWARNONcpubuffer, !localread&cpubuffer-committing WARNING: CPU: 0 PID: 139 at...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: rcutorture: Fixed the issue where ksoftirqd’s timing and iteration were increased. The RCU priority boosting can fail in two situations: 1 If nrcpus maxcpus, meaning that the total number of CPUs is greater than the number of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Netfilter: Use getrandomu32 instead of prandom. This issue may occur when updating the per-cpu rndstate from the user context, i.e., at the localout path. BUG: Using smpprocessorid in preemptible 00000000 code: nginx/2725 Caller:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/64s/slb: Fixed the issue where multiple hits occurred during SLB preloading. On systems that use the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: media: rc: gpio-ir-recv: added/removed functions If runtime PM is enabled, perform runtime PM cleanup to remove the cpu latency QoS request. Otherwise, driver removal may result in the following kernel dump: 19.463299 Unable t...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fixed a memory leak in the error path. If, for some reason, the speedbin length is incorrect, then there is a memory leak in the error path, as we never free the speedbin buffer. This commit fixes the error path so...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fixed an oops during rmmod on single-CPU platforms. During the removal of the idxd driver, a registered offline callback was invoked as part of the cleanup process. However, on systems with only one CPU online, n...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iptunnel: It was necessary to adapt iptunnelxmitstats to use NETDEVPCPUSTATDSTATS. The commits that caused this issue overlooked the fact that vxlan/geneve uses udptunnel6xmitskb, which calls iptunnelxmitstats. iptunnelxmitstats...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/iucv: Fixed the size of interrupt data iucvirqdata needs to be 4 bytes larger. These bytes are not used by the iucv module, but are written by the z/VM hypervisor in case a CPU is deconfigured. Reported as: BUG...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: workqueue: The issue related to the selection of wakecpu in kickpool has been fixed. With cpupossiblemask=0-63 and cpuonlinemask=0-7, the following kernel error was observed: smp: Bringing up secondary CPUs… smp: Brought up 1 nod...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Drivers: perf: Do not broadcast to other CPUs when starting a counter This command: $ perf record -e cycles:k -e instructions:k -c 10000 -m 64M dd if=/dev/zero of=/dev/null count=1000 produces this kernel warning: 444.364395...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fixed the latency and residency issues during CPU/L2 idle states. The entry/exit latency and minimum residency in the idle states of the MSM8998 device were incorrect. Firstly, the timings were set for...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: Fixed a race condition related to port output. Assume the following setup on a single machine: 1. An openvswitch instance with one bridge and default flows. 2. Two network namespaces: “server” and “client”. 3...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: spi: Fixed a use-after-free issue during controller registration failures. Be sure to also deregister from the driver core in case the per-cpu statistics allocation fails during controller registration, in order to avoid...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: io-wq: Fixed a memory leak during worker creation. If the CPU mask allocation for a node fails, the memory allocated for the iowqe structure of the current node does not get freed during error handling, since it has not yet been...

SUSE SLES12 Security Update : dovecot22 (SUSE-SU-2026:1641-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1641-1 advisory. - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. - CVE-2025-59032:...

RHCOS 4 : OpenShift Container Platform 4.20.16 (RHSA-2026:3851)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3851 advisory. - golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61728 Note that Nessus has not tested fo...

Security Bulletin: IBM i is affected by BIND being too lenient accepting records with forged data and consuming excessive CPU when a resolver is performing DNSSEC validation [CVE-2025-40778, CVE-2026-1519].

Summary Domain Name System for IBM i is vulnerable to BIND being too lenient when accepting records from answers allowing an attack to inject forged data into cache CVE-2025-40778, and consuming excessive CPU when a resolver is performing DNSSEC validation and encounters a maliciously crafted zon...

CVE-2026-31734

A flaw was found in the Linux kernel's schedext component. An incorrect check for migration-disabled tasks on systems without CONFIGPREEMPTRCU enabled could lead to a task being dispatched to a remote CPU. This can trigger an scxerror in taskcanrunonremoterq, resulting in a Denial of Service...

CVE-2026-31697

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if the firmware command failed. If the failure was due to an invalid...