Linux Distros Unpatched Vulnerability : CVE-2026-43056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mana: fix use-after-free in addadev error path If auxiliarydeviceadd fails, addadev jumps to addfail and calls auxiliarydeviceuninitadev. The auxiliary...

Apache HTTP Server 缓冲区错误漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Versions of Apache HTTP Server 2.4.66 and earlier contain a buffer error vulnerability, which...

Astra Linux – Vulnerability in libstb

stbimage is a single-file library licensed under MIT, used for processing images. If stbiloadgifmain in stbiloadgiffrommemory fails, it returns a null pointer and may leave the z variable uninitialized. If the caller also sets the vertical flipping flag, the process continues by calling...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mmc: rtsxusbsdmmc: Fix the return value check in mmcaddhost. The mmcaddhost function may return an error. If we ignore its return value, the memory allocated by mmcallochost will be leaked, leading to a kernel crash due to the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fixed a memory leak in highbankmcprobe. When devresopengroup fails, it returns -ENOMEM without freeing the memory allocated by edacmcalloc. Call edacmcfree at the error handling path to avoid a memory leak. bp:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fixed the reference count leak in mesonencoderhdmiinit. The offinddevicebynode function takes a reference; we should use putdevice to release that reference when it is no longer needed. Add the missing putdevice functi...

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: NFC: port100: fixed a use-after-free in port100sendcomplete. Syzbot reported a UAF in port100sendcomplete. The root cause is the missing calls to usbkillurb in the error handling path of the -probe function. port100sendcomplet...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Replaces WARNONs with nilfserror in cases where checkpoint acquisition fails. If the creation or finalization of a checkpoint fails due to anomalies in the checkpoint metadata on disk, a kernel warning is generated. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not double-complete the bio on errors during compressed reads. I encountered some strange panics while fixing the error handling in btrfslookupbiosums. It turns out that the compression process will complete the bio we...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: xhci: Properly handling isoc Babble and Buffer Overrun events. xHCI 4.9 explicitly prohibits making assumptions that the xHC has released its ownership of a multi-TRB TD when an error occurs in one of the early TRBs. However,...

Astra Linux – Vulnerability in gst-plugins-good1.0

Integer overflow in the avidemux element within the gstavidemuxinvert function, which allows for a heap overwrite during the parsing of AVI files. There is a potential for arbitrary code execution due to the heap overwrite...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net/bnx2x: Prevent access to a freed page in pagepool Fixed a race condition that could lead to system crashes during EEH error handling During EEH error recovery, the bnx2x driver’s transmit timeout logic could create a race...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound access in addsecretdacpath The sndhdagetconnections function may return a negative error code. This could lead to accessing the ‘conn’ array at a negative index. This issue was...

Astra Linux – Vulnerability in Linux 6.1

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to avoid a use-after-free condition related to cached IPU bio. The xfstest generic/019 report a bug: Kernel BUG: At mm/filemap.c:1619! RIP: 0010:folioendwriteback+0x8a/0x90 Call Trace:...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosusbpdnotify: Fixed error handling in crosusbpdnotifyinit. The following warning message was given when using rmmod crosusbpdnotify: Unexpected driver unregistration! Warning: CPU: 0 PID: 253 at...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: isdn: mISDN: Fixed the sleeping function called from an invalid context. The driver can call the card-isac.release function from an atomic context. This issue was fixed by calling this function after releasing the lock. The...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fixed improper pointer dereferencing when the error handler kthread is invalid. The commit 66a834d09293 “scsi: core: Fixed error handling of scsihostalloc” changed the allocation logic to call putdevice to perform hos...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fixed a memory leak in rdsrecvmsg. Syzbot reported a memory leak in rds. The problem occurred when the reference count was not decremented in case of an error. The function rdsrecvmsgstruct socket sock, struct msghdr ms...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Error processing should be added before returning from the function, and the return value has been modified...