EUVD-2026-39893

In the Linux kernel, the following vulnerability has been resolved: arm64: Reserve an extra page for early kernel mapping The final part of data, end segment may overflow into the next page of initpgend1 which is the gap page before earlyinitstack2: 1 crasharm64v9.0.1 vtop ffffffed00601000 VIRTUA...

CVE-2026-53288

CVE-2026-53288 affects the Linux kernel on arm64 and concerns the early kernel mapping. The issue arises where the final part of the [data, end) segment could overflow into the next page of init_pg_end, just before early_init_stack, when using 4K pages and 2MB block entries. This creates an addit...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ata: patamacio: Fix DMA table overflow Kolbjorn and Jonáš reported that their 32-bit PowerMacs were crashing in pata-macio since commit 09fe2bfa6b83 “ata: patamacio: Fix maxsegmentsize with PAGESIZE == 64K”. For example: - Kernel...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/vmem: Split pages when debug pagealloc is enabled. Since commit bb1520d581a3 “s390/mm: Start kernel with DAT enabled”, the kernel crashes early during boot when debug pagealloc is enabled. Symptoms: - Memory initialization:...

Astra Linux – Vulnerability in Golang-logrus

There is a denial-of-service vulnerability in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read operation fails with “token too long”, and the writer pipe is close...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed an out-of-bounds access in rpage. When PAGESIZE is 64K, if logreadrst calls readlogpage for the first time, the size of buffer will be equal to DefaultLogPageSize4K. However, for buffer operations like memcpy, if...

Astra Linux - уязвимость в linux-5.10, linux

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

Astra Linux - уязвимость в linux-5.10, linux

Linux block and network PV device frontends do not zero memory regions before sharing them with the backend CVE-2022-26365, CVE-2022-33740. Additionally, the granularity of the grant table does not allow sharing smaller than a 4K page, resulting in unrelated data residing in the same 4K page as...

UBUNTU-CVE-2026-43365

In the Linux kernel, the following vulnerability has been resolved: xfs: fix undersized liclogroundoff values If the superblock doesn't list a log stripe unit, we set the incore log roundoff value to 512. This leads to corrupt logs and unmountable filesystems in generic/617 on a disk with 4k...

Linux Distros Unpatched Vulnerability : CVE-2026-31765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. O...

CVE-2026-31765

A flaw was found in the Linux kernel's AMDGPU driver. On systems configured with 64KB page sizes, a mismatch between the reserved trap area size and the allocated memory for the Kernel Fusion Driver KFD can lead to a kernel crash. A local user running specific applications, such as rocminfo or rc...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mismatch between AMDGPUVARESERVEDTRAPSIZE and KFDCWSRTBATMASIZE in the drm amdgpu driver on 64K page...

CVE-2026-31686

In the Linux kernel, the following vulnerability has been resolved: mm/kasan: fix double free for kasan pXds kasanfreepxd assumes the page table is always struct page aligned. But that's not always the case for all architectures. E.g. In case of powerpc with 64K pagesize, PUD table of size 4096...

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

CVE-2026-23244 nvme: fix memory allocation in nvme_pr_read_keys()

In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvmeprreadkeys nvmeprreadkeys takes numkeys from userspace and uses it to calculate the allocation size for rse via structsize. The upper limit is PRKEYSMAX 64K. A malicious or buggy userspace can...

github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001755 advisory. Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001756)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001756 advisory. Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...