1394 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fixed a crash that occurred when destroying a suspended hardware context. If the user space sends an ioctl to destroy a hardware context that has already been automatically suspended, the driver may crash because t...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for adev-dm.dc in amdgpudmfini have been fixed. Since adev-dm.dc in amdgpudmfini might turn out to be NULL before the call to dcenabledmubnotifications, a check is performed beforehand to ensure that...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: ipmi: fixed the use of a pointer after it is freed in ipmiDestroyUser. The intffree function frees the “intf” pointer, so we cannot dereference it again in the next line...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: fs: The UAF/GPF bug in nilfsmdtdestroy has been fixed. In allocinode, if inodeinitalways fails, it may return -ENOMEM. This failure causes inode-iprivate to remain uninitialized. As a result, nilfsismetadatafileinode returns true...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed the potential null dereference issue. The adev-dm.dc pointer can be NULL, and it may be dereferenced in amdgpudmfini without any checks. A NULL pointer check should be added before calling dcdmubsrvdestroy...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: Fixed a use-after-free in ath9khifusbdisconnect This patch fixes a use-after-free that occurs in ath9khifusbdisconnect, when ath9khifusbdisconnect attempts to access “drvpriv”, which has already been freed by...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: - dm cache: Fixed a UAF Use-after-Allocation issue in the destroy function. - Dmcache also has the same UAF problem when dmresume and dmdestroy are executed concurrently. Therefore, the timer is canceled again in the destroy...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/ttm: fixed a memory leak in ttmtransferedDestroy. We also need to clean up the fences related to ghost objects. Bug: https://bugzilla.kernel.org/showbug.cgi?id=214029 Bug: https://bugzilla.kernel.org/showbug.cgi?id=214447...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: tee, amdtee: fixed the use-after-free vulnerability in amdteeclosesession. There is a potential race condition in amdteeclosesession that may cause a use-after-free in amdteeopenSession. For example, if a session has a referen...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Avoid double destruction of the default endpoint The rpmsgdevremove function in rpmsgcore is the place where this default endpoint is released. Therefore, it is necessary to avoid destroying the default endpoint in...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: In tty: goldfish, use ttyportdestroy to destroy the port. In goldfishttyprobe, the port initialized through ttyportinit should be destroyed in error paths. In goldfishttyremove, qtty-port also should be destroyed; otherwise,...
Astra Linux – Vulnerability in Linux
A race condition in Linux kernel SCTP sockets net/sctp/socket.c before version 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If the sctpDestroySock function is called without using the socknetsk-sctp.addrwqlock lock, an element...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF Use After Free issues during group creation. This commit addresses the issue where a malicious user space could potentially alter the handle of a group and attempt to call the GROUPDESTROY ioctl...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021570)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021570 advisory. In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy ar...
Eclipse Glassfish 安全漏洞
Eclipse Glassfish is an application server developed by the Eclipse Foundation. Eclipse Glassfish has a security vulnerability, which stems from improper handling of expressions in the server-side template rendering mechanism. This vulnerability allows remote attackers to completely destroy the...
SUSE CVE-2026-43440
In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...
UBUNTU-CVE-2026-43440
In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...
CVE-2026-43440
In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...
CVE-2026-43440 net/mana: Null service_wq on setup error to prevent double destroy
In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...
CVE-2026-43440
In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...