Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: core: Fixed a use-after-free in sndsocexit. KASAN reported a use-after-free: BUG: KASAN: Use-after-free in devicedel+0xb5b/0xc60. A read of size 8 at address ffff888008655050 was performed by the task rmmod/387. CPU: 2;...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup of the mana struct after debugfsremove When hibernation is triggered on a MANA VM, as part of hibernatesnapshot, managdsuspend and managdresume are called. If a failure occurs during managdresume related to HWC...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006689 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when...

MiracleLinux 3 : systemtap-1.6-7.AXS3 (AXSA:2012-344:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-344:01 advisory. SystemTap is an instrumentation system for systems running Linux 2.6. Developers can write instrumentation to collect data on the operation of the system...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989177)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989177 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in sndsocexit KASAN reports a use-after-free: BUG: KASAN:...

kernel security update

4.18.0-553.80.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

UBUNTU-CVE-2023-53625

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when destroying vgpu, e.g in remove case drm minor's debugfs root might already be destroyed, which led to kernel oops like below. Console:...

CVE-2023-53625 drm/i915/gvt: fix vgpu debugfs clean in remove

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when destroying vgpu, e.g in remove case drm minor's debugfs root might already be destroyed, which led to kernel oops like below. Console:...

PT-2025-41069

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc2+ 6 Description A flaw exists in the Linux kernel's i915/gvt component related to the handling of debugfs cleanup during vgpu removal. Specifically, the code does not carefully check for the availability...

SUSE CVE-2025-39706

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroywq. Move kfdprocessdestroywq prior to kfddebugfsfini to fix a kernel NU...

CVE-2025-39706

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroywq. Move kfdprocessdestroywq prior to kfddebugfsfini to fix a kernel NU...

CVE-2025-39706

Summary: CVE-2025-39706 affects the Linux kernel's DRM/AMDKFD path. The issue arises when destroying KFD debugfs before kfd_process_destroy_wq, causing a NULL pointer hang due to an attempted remove of /sys/kernel/debug/kfd/proc/ after /sys/kernel/debug/kfd was destroyed. Root cause: proc content...

CVE-2025-39706 drm/amdkfd: Destroy KFD debugfs after destroy KFD wq

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroywq. Move kfdprocessdestroywq prior to kfddebugfsfini to fix a kernel NU...

CVE-2025-39706 drm/amdkfd: Destroy KFD debugfs after destroy KFD wq

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Destroy KFD debugfs after destroy KFD wq Since KFD proc content was moved to kernel debugfs, we can't destroy KFD debugfs before kfdprocessdestroywq. Move kfdprocessdestroywq prior to kfddebugfsfini to fix a kernel NU...

CVE-2025-38596 drm/panthor: Fix UAF in panthor_gem_create_with_handle() debugfs code

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF in panthorgemcreatewithhandle debugfs code The object is potentially already gone after the drmgemobjectput. In general the object should be fully constructed before calling drmgemhandlecreate, except the...

DEBIAN-CVE-2022-49842

In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in sndsocexit KASAN reports a use-after-free: BUG: KASAN: use-after-free in devicedel+0xb5b/0xc60 Read of size 8 at addr ffff888008655050 by task rmmod/387 CPU: 2 PID: 387 Comm: rmmod Hardware name:...

UBUNTU-CVE-2022-49842

In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in sndsocexit KASAN reports a use-after-free: BUG: KASAN: use-after-free in devicedel+0xb5b/0xc60 Read of size 8 at addr ffff888008655050 by task rmmod/387 CPU: 2 PID: 387 Comm: rmmod Hardware name:...

CVE-2022-49842 ASoC: core: Fix use-after-free in snd_soc_exit()

In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in sndsocexit KASAN reports a use-after-free: BUG: KASAN: use-after-free in devicedel+0xb5b/0xc60 Read of size 8 at addr ffff888008655050 by task rmmod/387 CPU: 2 PID: 387 Comm: rmmod Hardware name:...

SUSE CVE-2025-21953

In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup mana struct after debugfsremove When on a MANA VM hibernation is triggered, as part of hibernatesnapshot, managdsuspend and managdresume are called. If during this managdresume, a failure occurs with HWC...

UBUNTU-CVE-2024-50159

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix the double free in scmidebugfscommonsetup Clang static checkerscan-build throws below warning： | drivers/firmware/armscmi/driver.c:line 2915, column 2 | Attempt to free released memory. When...