Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which allows a NULL pointer dereferenc...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - Misc: ocxl: fixed a possible refcount leak in afuioctl. - eventfdctxput needs to be called to update the refcount obtained through eventfdctxfdget when ocxlirqsethandler fails...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Blocking calls to interrupt handlers without triggering them The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL, and it may become NULL if the user sets the trigger parameter of eventfd to -1...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fixed error handling for eventfd in kvmxeneventfdassign Do not call eventfdctxput in case of an error. Introduced a new goto target instead. - Paolo...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring/eventfd: Ensure that ioeventfdsignal delays another RCU period. The function ioeventfddosignal is invoked from an RCU callback. However, when the reference to ioevfd is dropped, it directly calls ioeventfdfree if the...

CVE-2026-46034

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdxirqs array in vfiocdxsetmsitrigger. Without this check, userspace can trigger a NULL pointer...

UBUNTU-CVE-2026-46034

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdxirqs array in vfiocdxsetmsitrigger. Without this check, userspace can trigger a NULL pointer...

CVE-2026-46034 vfio/cdx: Fix NULL pointer dereference in interrupt trigger path

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdxirqs array in vfiocdxsetmsitrigger. Without this check, userspace can trigger a NULL pointer...

EUVD-2026-32415

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdxirqs array in vfiocdxsetmsitrigger. Without this check, userspace can trigger a NULL pointer...

JLSEC-2026-421 libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection...

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010931)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010931 advisory. In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afuioctl eventfdctxput need to be called to put the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013086)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013086 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of th...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012946)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012946 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007258)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007258 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers The vfio-platform SETIRQS ioctl currently allows...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007268 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006796)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006796 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000738 advisory. The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service assertion failure, and hypervisor hang or crash via an out-of...

SUSE CVE-2022-50742

In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afuioctl eventfdctxput need to be called to put the refcount that gotten by eventfdctxfdget when ocxlirqsethandler fails...

CVE-2022-50742

In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afuioctl eventfdctxput need to be called to put the refcount that gotten by eventfdctxfdget when ocxlirqsethandler fails...

CVE-2022-50742

In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afuioctl eventfdctxput need to be called to put the refcount that gotten by eventfdctxfdget when ocxlirqsethandler fails...