CVE-2026-46223

CVE-2026-46223 (Linux kernel) affects the cgroups subsystem. The vulnerability description notes that a chain of commits (v7.0 onward) reworked rmdir to satisfy the invariant that ->css_offline() must not run while tasks still run in the cgroup. The fix defers percpu_ref kill for css until the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: inet: frags: dropping fraglist and conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reprodu...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Fork: Defer linking of vma until vma is fully initialized. Thorvald reported a WARNING 1. The root cause of the issue lies in a race condition: CPU 1 CPU 2 fork hugetlbfsfallocate dupmmap hugetlbfspunchhole...

CLSA-2026-1779215759 libxml2: Fix of CVE-2022-49043

CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode by deferring xmlFreeURI until after the error path has consumed the value...

OESA-2026-2311 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmwtranslateptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. Thi...

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

CLSA-2026-1778491896 libxml2: Fix of CVE-2022-49043

CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode by deferring xmlFreeURI until after the error path has consumed the value...

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

CVE-2026-43326

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix crash on hcicreatecissync When attempting to connect multiple ISO sockets without using DEFERSETUP may result in the following crash: BUG: KASAN: null-ptr-deref in hcicreatecissync+0x18b/0x2b0 Read of size...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: tty: fixed a possible nullptrdefer issue in spkttyiorelease. Run the following tests on the qemu platform: syzkaller: modprobe speakupaudptr input: Speakup as /devices/virtual/input/input4 initialized device: /dev/synth, node...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Double-free of rqxprtctxt while it is still in use When a RPC request is deferred, the rqxprtctxt pointer is moved out of the svcrqst and into the svcdeferredreq. When the deferred request is revisited, the pointer is...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pinctrl: fixed a deadlock issue in the createpinctrl function when handling -EPROBEDEFER. In createpinctrl, the pinctrlmapsmutex is acquired before calling addsetting. If addsetting returns -EPROBEDEFER, createpinctrl calls...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers are flushed, leading to a use-after-free. Fix this by introducing a...

net: ipv6: flowlabel: defer exclusive option free until RCU teardown

...

CVE-2026-31665

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix use-after-free in timeout object destroy nftcttimeoutobjdestroy frees the timeout object with kfree immediately after nfctuntimeout, without waiting for an RCU grace period. Concurrent packet processing on...

SUSE SLES15 Security Update : kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:1281-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1281-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.170 fixes various security issues The following security issues were fixed: ...

SUSE CVE-2026-31426

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on probe failure in acpiecsetup When ecinstallhandlers returns -EPROBEDEFER on reduced-hardware platforms, it has already started the EC and installed the address space handler with the struct acpiec...

x86/efi: defer freeing of boot services memory

...

SUSE CVE-2026-23305

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could be the case with EPROBEDEFER, we need to properly unwind by decrementing the counter we just incremented and if this is the first core we...