Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: Fixed unsafe locking in the scxdumpstate function. For kernels built with CONFIGPREEMPTRT=y, the dumplock will be converted to a sleepable spinlock instead of a disable-irq one. This can lead to the following scenarios:...

CVE-2026-46298

CVE-2026-46298 : In the Linux kernel, a race during ioctl or release handling on pseries/papr-hvpipe could deadlock if an interrupt fires on the same CPU. The fix makes the affected lock usage use spin_lock_irqsave/restore to prevent the deadlock. The issue is resolved by the patch in the cited s...

CVE-2026-40943

Oxia is a metadata store and coordination system. Prior to 0.16.2, a race condition between session heartbeat processing and session closure can cause the server to panic with send on closed channel. The heartbeat method uses a blocking channel send while holding a mutex, and under specific timin...

CVE-2026-46262 ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

Linux Distros Unpatched Vulnerability : CVE-2026-45924

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what t...

CVE-2026-47334

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock...

PT-2026-44483

Name of the Vulnerable Software and Affected Versions Ubuntu Linux version 6.8 Ubuntu Linux version 6.17 Ubuntu Linux version 7.0 Description AppArmor SAUCE patches contain a flaw in the notification handling code that causes the system to incorrectly sleep while holding a spinlock. A spinlock is...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the issue where sk is released during the ADDADDR retransmission in mptcp pm. This can lead to sk...

CVE-2026-46025

A flaw was found in the Linux kernel's DAMON Data Access MONitor core. A race condition between the damoncall function and the kdamondfn exit process can lead to system instability. This can cause threads waiting for damoncall requests to enter an infinite wait state, resulting in a deadlock. In...

PT-2026-43791

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ksmbd module where the function ksmbd vfs kern path end removing is not called on certain error paths. This failure to balance the corresponding ksmbd vfs kern pat...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: fixed a potential deadlock in netlinkseterr syzbot reported a possible deadlock in netlinkseterr 1 A similar issue was fixed in commit 1d482e666b8e "netlink: disabling IRQs for netlinklocktable" in netlinklocktable Th...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: xfs: scrub: Unlock dquot before an early return in quota scrub. The function xchkquotaitem can return early after calling xchkfblockprocesserror. When this helper returns false, the function returns immediately without releasi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - usb: dwc2: gadget: Fixed the mismatch between spinlock and unlock calls in dwc2hsotgudcstop. - dwc2gadgetexitclockgating internally calls the callgadget macro. This macro expects hsotg-lock to be held since it performs...

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

Amazon Linux 2023 : soci-snapshotter (ALAS2023-2026-1700)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1700 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to...

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

SUSE CVE-2026-43285

In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current-memsallowedseq if !allowspin Lockdep complains when getfromanypartial is called in an NMI context, because current-memsallowedseq is seqcountspinlockt and not NMI-safe:...

CVE-2026-43285

A flaw was found in the Linux kernel. An inconsistent lock state within the mm/slab subsystem, specifically when getfromanypartial is called in a Non-Maskable Interrupt NMI context, can lead to a deadlock. This vulnerability can result in a Denial of Service DoS for the affected system...

EUVD-2026-28566

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between stick...

CVE-2026-43296

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between stick...