pam_usb 代码问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained code vulnerabilities. This vulnerability stemmed from the fact that the src/log.c file contained a process-level static pointer; each PAM ca...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: Fixed issues related to data races around sk-skforwardalloc. Syzkaller reported this warning: ---------------- Cut here ------------------- WARNING: CPU: 0 PID: 16 Location: net/ipv4/afinet.c:156,...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcprecovery. When reading sysctltcprecovery, it can be changed concurrently. Therefore, we need to add READONCE to its readers...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fixed possible data races in gfs2showoptions Some fields such as gtlogdsecs of the struct gfs2tune are accessed without holding the lock gtspin in gfs2showoptions: val = sdp-sdtune.gtlogdsecs; if val != 30 seqprintfs,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpfastopenblackholetimeout. When reading sysctltcpfastopenblackholetimeout, it can be changed concurrently. Therefore, we need to add READONCE to its readers...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ip: Fixed data races related to sysctlipfwdusepmtu. When reading sysctlipfwdusepmtu, it can be changed concurrently. Therefore, we need to add READONCE to its readers...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpminsndmss. While reading sysctltcpminsndmss, it can be changed concurrently. Thus, we need to add READONCE to its readers...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6/sit: use DEVSTATSINC to avoid data-races syzbot/KCSAN reported that multiple cpus are updating dev-stats.txerror concurrently. This is because sit tunnels are NETIFFLLTX, meaning their ndostartxmit is not protected by a...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpmtuprobing. While reading sysctltcpmtuprobing, it can be changed concurrently. Thus, we need to add READONCE to its readers...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sysctl: Data race issues in procdouintvecminmax have been fixed. A sysctl variable is accessed concurrently, and there is always a risk of data races. Therefore, both readers and writers need some basic protection to avoid data...

Astra Linux - уязвимость в rustc

crossbeam-utils provides atomic operations, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. Prior to version 0.8.7, crossbeam-utils incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv4: The issue related to data races around sysctlfibmultipathhashpolicy has been fixed. When reading sysctlfibmultipathhashpolicy, it is possible for it to be changed concurrently. Therefore, we need to add READONCE to its...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006919)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006919 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2showoptions Some fields such as gtlogdsecs of the struct...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006935)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006935 advisory. In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctlnetbusyread We need to protect the reader reading the sysctl...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006636)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006636 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpl3mdevaccept. While reading sysctltcpl3mdevaccept, it can be...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006683 advisory. In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipprotsock. sysctlipprotsock is accessed concurrently, and there ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006644)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006644 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpfastopenblackholetimeout. While reading...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006747)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006747 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2showoptions Some fields such as gtlogdsecs of the struct...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006640)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006640 advisory. In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006583)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006583 advisory. In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif whi...