1403 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for adev-dm.dc in amdgpudmfini have been fixed. Since adev-dm.dc in amdgpudmfini might turn out to be NULL before the call to dcenabledmubnotifications, a check is performed beforehand to ensure that...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: gtp: Fixed a use-after-free in gtpencapdestroy. syzkaller reported a use-after-free in gtpencapdestroy. The same process freed “sk” and accessed it illegally. The commit e198987e7dd7 “gtp: fix suspicious RCU usage” added...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Prevents handling of any completions after the QP Queue Pairing is destroyed. The hardware may generate completions that indicate the QP has been destroyed. The driver should not schedule any completion handlers for...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm: Fixed a potential null-ptr-deref in drmvblankDestroyWorker. The call to drmvblankinit includes drmMaddactionorreset, with drmvblankinitRelease as the action. If drmMaddaction fails, it will directly call...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: A potential memory leak was fixed by cleaning the opsfilter variable in damonDestroyScheme. Currently, damonDestroyScheme only cleans up the filter list but leaves opsfilter untouched. This could lead to memory lea...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: dm thin: Fixed a UAF in runtimersoftirq When dmresume and dmdestroy are executed concurrently, it will lead to a UAF, as follows: Bug: KASAN: Use-after-free in runtimers+0x173/0x710 A 8-byte value is written to the address...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The synchronization of ofchangesetDestroy with devlink removals was addressed. In the following sequences: 1 ofplatformdepopulate 2 ofoverlayremove During step 1, devices are destroyed, and devlinks are removed. During step 2, OF...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nvme-fc: Do not wait in vain when unloading the module. There is a race condition in the module exit path, where the process tries to delete all controllers and free up the “leftover IDs”. To prevent double-freeing of resources, ...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: - dm clone: Fixed a UAF Use-after-Free in clonedtr. - Dmclone also has the same UAF issue when dmresume and dmdestroy are executed concurrently. Therefore, the timer is canceled again in clonedtr...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: crypto: API – Use a work queue in cryptoDestroyInstance. The function cryptoDropSpawn is expected to be called from the process context. However, when an instance is not registered while it still has active users, the last user m...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: Fixed the memory leak associated with xarray nodes. If the xassplitalloc function fails to allocate the necessary nodes to complete the splitting of the xarray entries, it sets the xastate to -ENOMEM. This triggers...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Flush destroywork queue before calling bnx2fcinterfaceput The bnx2fcdestroy function removes the interface before calling destroywork. This causes multiple WARNings from sysfsremovegroup, as the controller rport...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: A potential NULL dereferencing in mtkcrtcdestroy has been fixed. In mtkcrtccreate, if the call to mboxrequestchannel fails, we set the pointer mtkcrtc-cmdqclient.chan to NULL. In that case, we do not call...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Flushes the pending destroy work before releasing exitnet. This issue is similar to 2c9f0293280e “netfilter: nftables: flush pending destroy work before netlink notifier”, which addressed a race between exitn...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: devres: A memory leak caused by the driver API devmfreepercpu has been fixed. A memory leak occurs when the driver API devmfreepercpu is used to release memory allocated by devmallocpercpu. This issue was addressed by using...
Astra Linux – Vulnerability in Linux 5.10, Linux
A vulnerability classified as problematic has been discovered in the Linux kernel. The affected function is j1939sessiondestroy in the file net/can/j1939/transport.c. This manipulation leads to a memory leak. It is recommended that a patch be applied to fix this issue. The identifier of this...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: In tty: goldfish, use ttyportdestroy to destroy the port. In goldfishttyprobe, the port initialized through ttyportinit should be destroyed in error paths. In goldfishttyremove, qtty-port also should be destroyed; otherwise,...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021570)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021570 advisory. In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dmcache also has the same UAF problem when dmresume and dmdestroy ar...
Eclipse Glassfish 安全漏洞
Eclipse Glassfish is an application server developed by the Eclipse Foundation. Eclipse Glassfish has a security vulnerability, which stems from improper handling of expressions in the server-side template rendering mechanism. This vulnerability allows remote attackers to completely destroy the...
SUSE CVE-2026-43440
In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...