Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: fec: removed .ndopollcontroller to avoid deadlocks. A deadlock issue was found in the sungem driver. Please refer to the commit ac0a230f719b “eth: sungem: removed .ndopollcontroller to avoid deadlocks”. The root cause of the...

SUSE CVE-2026-46130

In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...

Linux Distros Unpatched Vulnerability : CVE-2026-46130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never spl...

CVE-2026-46130

In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...

CVE-2026-46130

CVE-2026-46130 concerns the Linux kernel’s dm-verity-fec component. The root cause is an incorrect assumption about parity data layout: when reading parity bytes across blocks, parity bytes for the first RS codeword can be split across parity blocks, causing an out-of-bounds read under certain no...

CVE-2026-46130 dm-verity-fec: fix reading parity bytes split across blocks (take 3)

In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...

EUVD-2026-32889

In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...

CVE-2026-46130

In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...

PT-2026-44253

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the fec decode bufs function within the dm-verity-fec component. The issue occurs because the function incorrectly assumes that parity bytes of the first...

CLSA-2026-1779375889 kernel: Fix of 95 CVEs

perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net: fec: fixed the potential memory leak in fecenetinit. If the memory allocated for cbdbase fails, it should free the memory allocated for the queues; otherwise, a memory leak will occur. And if the memory allocated for the...

CLSA-2026-1778276927 kernel: Fix of 33 CVEs

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags - ext4: avoid OOB when system.data xattr changes underneath the filesystem CVE-2024-47701 - gpiolib: cdev: fix uninitialised kfifo CVE-2024-36898 - wifi: mt76: Fix...

CVE-2026-43132

A flaw was found in the Linux kernel's dm-verity component. When the dmbufioclientcreate function fails within verityfecctr, the subsequent call to dmbufioclientdestroy with an error pointer argument leads to a system crash. This vulnerability could allow a local attacker to cause a Denial of...

PT-2026-37472

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the dm-verity component where the verity fec ctr function does not correctly handle failures during calls to dm bufio client create. If these calls fail, dm bufio clie...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing RX buffers The pagepoolreleasepage function was used when freeing RX buffers. This function simply unmaps the page if it was mapped and does not recycle the page. As a result, after...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handling of the case where pmruntimeget fails in .remove. In the unlikely event that pmruntimeget disguised as pmruntimeresumeandget fails, the remove callback returns an error early. The problem with this is tha...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fec: handle pagepooldevallocpages error The fecenetupdatecbd function calls pagepooldevallocpages, but it does not handle the case where NULL is returned. A WARNON!newpage message is generated, but the program still proceeds...

DEBIAN-CVE-2026-40614

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

CVE-2026-40614

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...

CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding

PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...