329 matches found
UBUNTU-CVE-2026-53242
In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...
CVE-2026-53242
CVE-2026-53242 affects the Linux kernel ALSA PCM path (snd_pcm_drain) on linked streams. The bug arises from wait queue handling: init_waitqueue_entry does not clear prev/next and add_wait_queue/remove_wait_queue sequencing can leave an orphaned wait entry on an old sleep queue after UNLINK, caus...
PT-2026-52017
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock can occur during a raid456 reshape process. Direct IO across the reshape position may sleep in the raid5 make request function while waiting for reshape progress and holding a...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mptcp: Use OPTIONMPTCPMPJSYNACK in subflowfinishconnect subflowfinishconnect uses four fields backup, joinid, thmac, none that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparseoption...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Fuse: A missing copyfinish function in the fuse-over-io-uring argument copies. This issue causes a possible reference count leak of payload pages during these copies. Joanne: Simplified error cleanup...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: A bug related to “use-after-free” was fixed due to errors in error path handling in mtkjpegdecdevicerun. In mtkjpegprobe, the variable &jpeg-jobtimeoutwork is bound to mtkjpegjobtimeoutwork. In mtkjpegdecdeviceru...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nfs: Return EISDIR when nfs3proccreate is called, if dalias is a directory alias. If we find an alias through nfs3docreate/nfsaddorobtain/dsplicealias that turns out to be a directory dentry, we do not return any errors and simpl...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
kernel: ipv6: use RCU in ip6_output()
A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...
EUVD-2026-32800
In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is forbidden: dotaskdead calls schedule, which has a comment saying...
CVE-2026-45979 drm/amdgpu: clean up the amdgpu_cs_parser_bos
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In such conditions unlock the mutex for a clean exit. We do not need to amdgpubolistput as it's been handled in the amdgpucsparserfini...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: fixed a possible Use-after-Allocation UAF in ip6finishoutput2. If skbexpandhead returns NULL, the skb is freed, and the associated dst/idev may also be freed. We need to hold the rcureadlock to ensure that the dst and...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: bcache: Fixup btreecachewait list damage We encountered a kernel crash due to “listadd corruption”. next-prev should be prev 0xffff9c801bc01210, but it was actually fffff9c77b688237c. Next: 0ffffae586d8afe68. crash struct...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Net: Bridge – Use DEVSTATSINC The syzbot/KCSAN reported a data race in the brhandleframefinish function 1. This function can be executed on multiple CPUs without mutual exclusion. It is recommended to use the SMP-safe DEVSTATSINC...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Fixed the SDMA v4 SW fini error. Fixed the SDMA v4 SW fini error for SDMA 4.2.2 to resolve the following general protection fault. +0.108196 General protection fault; likely due to a non-canonical address...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed the amdgpuirqput call trace in gmcv100hwfini. The gmc.eccirq is enabled by the firmware based on the IFWI setting. The host driver does not have privileges to enable/disable the interrupt. Therefore, using the...
Astra Linux – Vulnerability in GhostScript
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in the sampleddatafinish function called from sampleddatacontinue and interp...