138 matches found
EUVD-2026-38819
In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: handle empty bo and UAF races There look to be some nasty races here when triggering the invalidatemappings hook: 1 We do xeboalloc followed by the attach, before the actual full bo init step in xedmabufinitobj...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a UAF in jfsevictinode When the execution of diMountipimap fails, the object ipimap that has been released may be accessed in diFreeSpecial. Asynchronous release of ipimap occurs when rcucore calls jfsfreenode...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ext4: Silence the warning when evicting an inode with dioreadnolock When evicting an inode with the default dioreadnolock setting, it is possible for unwritten extents to convert kworker after writeback, resulting in newly...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: blk-mq: The crypto keyslot must be released before reporting I/O completion. Once all I/O operations using the blkcryptokey are completed, the file systems can call blkcryptoevictkey. However, the block layer currently does not...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed an uninitialized value in ‘ext4evict inode’. Syzbot identified the following issue: ===================================================== BUG: KMSAN: Uninitialized value in ext4evict inode+0xdd/0x26b0,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Binder: Fixed a use-after-free in binderfsevict inode. When running ‘stress-ng --binderfs 16 --timeout 300’ under the KASAN-enabled kernel, the following issues were observed: BUG: KASAN: Slab-use-after-free in binderfsevict...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of clearing dirty inodes in f2fsevictinode. As reported by Yanming in Bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215904 The kernel message is as follows: Kernel BUG at fs/f2fs/inode.c:825! Call...
CVE-2026-49843
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, modverto's JSON-RPC handler bound the connection to the client-supplied sessid on the fir...
SUSE CVE-2026-46280
In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...
CVE-2026-46280
In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...
UBUNTU-CVE-2026-46280
In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...
CVE-2026-46280
In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...
EUVD-2026-35145
In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...
PT-2026-47352
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the HMM kernel selftests. When the dmirror fops release function is called, it frees the dmirror structure without first migrating device private pages...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021554)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021554 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4evictinode' Syzbot found the following issue:...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010812)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010812 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4evictinode' Syzbot found the following issue:...
CVE-2026-23214
In the Linux kernel, the following vulnerability has been resolved: btrfs: reject new transactions if the fs is fully read-only BUG There is a bug report where a heavily fuzzed fs is mounted with all rescue mount options, which leads to the following warnings during unmount: BTRFS: Transaction...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005046)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005046 advisory. In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one devic...
Linux Distros Unpatched Vulnerability : CVE-2022-50730
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: silence the warning when evicting inode with dioreadnolock When evicting an inode with default dioreadnolock, it could be raced by the unwritten extents...
CVE-2022-50730
In the Linux kernel, the following vulnerability has been resolved: ext4: silence the warning when evicting inode with dioreadnolock When evicting an inode with default dioreadnolock, it could be raced by the unwritten extents converting kworker after writeback some new allocated dirty blocks. It...