Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: BPF, skmsg: Fixed NULL pointer dereferencing in skpsockskbingressenqueue. Fixed NULL pointer race conditions in skpsockskbingressenqueue, as reported by syzbot 1. 1 BUG: KCSAN: Data race in skpsock Drop and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciuart: added a missing NULL check in h5enqueue. Syzbot encountered a general protection fault in pmruntimeresume. The problem was due to a missing NULL check. hu-serdev can be NULL, and we should not blindly pass...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Added a check on the len parameter to prevent empty skb objects. This prevents a division error in the netemenqueue function, which occurs when skb-len=0 and skb-datalen=0 during the randomized corruption...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netem: fix the return value when duplicate enqueue fails There is a bug in the netemenqueue function introduced by the commit 5845f706388a “net: netem: fix skb length BUGON in skbtosgvec”, which can lead to a use-after-free. This...

SUSE CVE-2026-43164

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of udpsksk-udpprodqueue. 0 Since the cited commit, udplibinitsock can fail, as can udpinitsock and udpv6initsock. Let's handle the error in...

Linux Distros Unpatched Vulnerability : CVE-2026-43164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of...

CVE-2026-43164 udplite: Fix null-ptr-deref in __udp_enqueue_schedule_skb().

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of udpsksk-udpprodqueue. 0 Since the cited commit, udplibinitsock can fail, as can udpinitsock and udpv6initsock. Let's handle the error in...

CVE-2026-43164

CVE-2026-43164 affects the Linux kernel UDP-Lite implementation. The issue is a null-pointer dereference in __udp_enqueue_schedule_skb() triggered during UDP-Lite socket initialization, as reported by syzbot. Post-commit changes allow udp_lib_init_sock(), udp_init_sock(), and udpv6_init_sock() to...

PT-2026-37504

In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udp enqueue schedule skb. syzbot reported null-ptr-deref of udp sksk-udp prod queue. 0 Since the cited commit, udp lib init sock can fail, as can udp init sock and udpv6 init sock. Let's handle the...

CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

RLSA-2026:9264 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 For more details about the...

RLSA-2026:8921 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 For more details about the...

Oracle Linux 10 : kernel (ELSA-2026-9264)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9264 advisory. - scsi: qla2xxx: Fix improper freeing of purex item CKI Backport Bot RHEL-159225 CVE-2025-68741 - net/sched: schcake: Fix incorrect qlen reduction in...

AlmaLinux 9 : kernel (ALSA-2026:8921)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:8921 advisory. kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013838)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013838 advisory. In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633adcasyncread req is allocated in...

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011118)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011118 advisory. In the Linux kernel, the following vulnerability has been resolved: mfd: pcf50633-adc: Fix potential memleak in pcf50633adcasyncread req is allocated in...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011390)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011390 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's...

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 For more details about the...