Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disabling bottom softirqs as part of spinlockirq on PREEMPTRT sndpcmgrouplockirq acquires a spinlockt and disables interrupts via spinlockirq. This also implicitly disables the handling of softirqs such as TIMERSOFTIRQ...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: vfs: Do not evict inode under the inode lru traversing context The inode reclaiming process see function pruneicachesb collects all reclaimable inodes and marks them with the IFREEING flag. At that time, other processes will b...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: padata: Always disable BHs when running -parallel. A deadlock can occur when an overloaded system runs -parallel within the context of the current task. The code structure is as follows: c padatadoparallel -parallel...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix a hang issue when the device state is set via sysfs This fix addresses a regression introduced in the commit f0f82e2476f6 “scsi: core: Fix capacity setting to zero after offlineizing a device”. The problem...

CVE-2026-46298

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these handlers to take...

CVE-2026-46256

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

Linux Distros Unpatched Vulnerability : CVE-2026-46008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/core: fix damoswalk vs kdamondfn exit race When kdamondfn main loop is finished, the function cancels remaining damoswalk request and unset the...

CVE-2026-45924

In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...

UBUNTU-CVE-2026-46008

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoswalk vs kdamondfn exit race When kdamondfn main loop is finished, the function cancels remaining damoswalk request and unset the damonctx-kdamond so that API callers and API functions themselves can show t...

CVE-2026-46025

CVE-2026-46025 relates to a kernel race between damon_call()/damos_walk() and kdamond termination that could leak memory or deadlock. The connected openSUSE advisory confirms openSUSE Tumbleweed users should upgrade to kernel-devel-7.0.11-1.1 (and mentions the CVE in their 2026-10954 advisory). T...

PT-2026-43875

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the damos walk and kdamond fn functions. When the kdamond fn main loop finishes, it cancels remaining damos walk requests and unsets damon ctx-kdamond...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed a deadlock in nilfscountfreeblocks A semaphore deadlock can occur if nilfsgetblock detects metadata corruption while locating data blocks, and a superblock writeback occurs at the same time: task 1 task 2 ------...

CVE-2026-43319

In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different orders depending on the code path: write/read: buflock - spilock ioctl...

CVE-2026-43319

CVE-2026-43319 affects the Linux kernel spidev driver. The vulnerability stemmed from inverted lock ordering between spi_lock and buf_lock across code paths (write/read use buf_lock then spi_lock; ioctl uses spi_lock then buf_lock), enabling potential deadlocks in multi-threaded access. The fix u...

PT-2026-38970

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lock inversion exists in the spidev driver involving two mutexes, spi lock and buf lock. These locks were acquired in different orders depending on the execution path: write and read...

Linux Distros Unpatched Vulnerability : CVE-2026-43127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The...

SUSE CVE-2026-31687

In the Linux kernel, the following vulnerability has been resolved: gpio: omap: do not register driver in probe Commit 11a78b794496 "ARM: OMAP: MPUIO wake updates" registers the omapmpuiodriver from omapmpuioinit, which is called from omapgpioprobe. However, it neither makes sense to register...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192bs: Fixed a deadlock in rtwjoinbsseventprehandle There is a deadlock in rtwjoinbsseventprehandle, as shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle | modtimer spinlockbh //1 | Wait f...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks attempting to cancel each other can also occur through bpfmapupdateelem. More precisely, freeing elements containing...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Nouveau: The offload fence uevents function is now processed via the workqueue. This should prevent a deadlock between the fctx lock and the irq lock. The processing of uevents is offloaded from the irq to the workqueue...