279 matches found
CVE-2026-46256
In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...
CVE-2026-45924
In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...
CVE-2026-46025
CVE-2026-46025 documents a Linux kernel vulnerability in mm/damon/core where damon_call() can race with the kdamond thread termination, potentially leaking memory or deadlocking. The root cause is a race between damon_call() and kdamond shutdown due to separate mutex protection, risking a stalled...
PT-2026-43875
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damos walk vs kdamond fn exit race When kdamond fn main loop is finished, the function cancels remaining damos walk request and unset the damon ctx-kdamond so that API callers and API functions themselves can...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: vfs: Do not evict inode under the inode lru traversing context The inode reclaiming process see function pruneicachesb collects all reclaimable inodes and marks them with the IFREEING flag. At that time, other processes will b...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same issue as in the previous patch two timer callbacks attempting to cancel each other can also occur when using bpfmapupdateelem. More precisely, freeing elements containi...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: padata: Always disable BHs when running -parallel. A deadlock can occur when an overloaded system runs -parallel within the context of the current task. The code snippet shows that spinlock&reorder-lock remains enabled despite BH...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix a hang issue when the device state is set via sysfs This fix addresses a regression introduced in the commit: f0f82e2476f6 "scsi: core: Fix capacity setting to zero after offlineing the device". The problem...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disabling bottom softirqs as part of spinlockirq on PREEMPTRT The function sndpcmgrouplockirq acquires a spinlockt and disables interrupts via spinlockirq. This also implicitly disables the handling of softirqs such as...
CVE-2026-43319
In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different orders depending on the code path: write/read: buflock - spilock ioctl...
CVE-2026-43319
CVE-2026-43319 affects the Linux kernel spidev driver. The vulnerability stemmed from inverted lock ordering between spi_lock and buf_lock across code paths (write/read use buf_lock then spi_lock; ioctl uses spi_lock then buf_lock), enabling potential deadlocks in multi-threaded access. The fix u...
PT-2026-38970
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The spidev driver contains a lock inversion issue involving two mutexes, spi lock and buf lock. These locks were acquired in different orders depending on the execution path: write and...
Linux Distros Unpatched Vulnerability : CVE-2026-43127
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The...
SUSE CVE-2026-31687
In the Linux kernel, the following vulnerability has been resolved: gpio: omap: do not register driver in probe Commit 11a78b794496 "ARM: OMAP: MPUIO wake updates" registers the omapmpuiodriver from omapmpuioinit, which is called from omapgpioprobe. However, it neither makes sense to register...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fixed a deadlock in nilfscountfreeblocks A semaphore deadlock can occur if nilfsgetblock detects metadata corruption while locating data blocks, and a superblock writeback occurs at the same time: task 1 task 2 ------...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Drivers: Staging: rtl8192bs: Fixed a deadlock in rtwjoinbsseventprehandle There is a deadlock in rtwjoinbsseventprehandle, as shown below: Thread 1 | Thread 2 | settimer rtwjoinbsseventprehandle | modtimer spinlockbh //1 | Wait f...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Nouveau: The offload fence uevents function is now processed via the workqueue. This should prevent a deadlock between the fctx lock and the irq lock. The processing of uevents is offloaded from the irq to the workqueue...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: nfsd: The variable sccount is decreased directly if the dlrecall queue operation fails. A deadlock warning occurred when invoking nfs4putstid after a failed dlrecall queue operation: T1 T2 nfs4laundromat nfs4getclientreaplist...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: kasan: kasanfindvmarea has been removed to prevent possible deadlocks. The findvmarea function cannot be called in an atomic context. If findvmarea is called to report VM area information, kasan may trigger a deadlock. For exampl...
PT-2026-36391
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A spin lock/unlock mismatch exists in the dwc2 hsotg udc stop function. The dwc2 gadget exit clock gating function internally utilizes the call gadget macro, which requires hsotg-lock to...