Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: x86/fpu: Fixed the copyxstatetouabi function to correctly copy init states. When an extended state component is not present in fpstate, but is present in init state, the function copies data from initfpstate using copyfeature...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: The FPU state is invalidated after a failed XRSTOR operation from a user buffer. Both Intel and AMD consider it to be architecturally valid for XRSTOR to fail with PF, but they have nonetheless changed the state of the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: State corruption has been prevented in fpurestoresig. The non-compacted slowpath uses copyfromuser to copy the entire user buffer into the kernel buffer, verbatim. This means that the kernel buffer may now contain entire...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005477 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave Set the starting uABI siz...

SUSE-SU-2026:0472-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. - CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1info bsc1250388. -...

CVE-2026-23005

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in guest XSAVE state whenever XFDi=1 When loading guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved or to be restored XSTATEBV...

MiracleLinux 7 : kernel-3.10.0-862.3.3.el7 (AXSA:2018-3189:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3189:05 advisory. Kernel: FPU state information leakage via lazy FPU restore CVE-2018-3665 Tenable has extracted the preceding description block directly from the MiracleLinux...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004089)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004089 advisory. fpregsstatevalid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of...

CVE-2025-68171

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure XFD state on signal delivery Sean reported 1 the following splat when running KVM tests: WARNING: CPU: 232 PID: 15391 at xfdvalidatestate+0x65/0x70 Call Trace: fpuclearuserstates+0x9c/0x100...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988697)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988697 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer Both Intel and AMD conside...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987393)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987393 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer Both Intel and AMD conside...

CVE-2022-50425

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copyxstatetouabi to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from initfpstate via copyfeature. But, dynamic states are not present ...

CLSA-2025-1756482270 kernel: Fix of CVE-2024-2201

spec: up spec/misc to 1160.136.1, spectre mitigation is off by default - hugetlb, mempolicy: fix the mbind hugetlb migration - net: atm: fix use after free in lecsend - net: atlantic: fix aqvec index out of range error - block: initialize flush request via blkmqrqctxinit - ALSA: usb-audio: Fix a...

CVE-2025-38689 x86/fpu: Fix NULL dereference in avx512_status()

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix NULL dereference in avx512status Problem ------- With CONFIGX86DEBUGFPU enabled, reading /proc/kthread/archstatus causes a warning and a NULL pointer dereference. This is because the AVX-512 timestamp code uses...

CVE-2022-49557

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave Set the starting uABI size of KVM's guest FPU to 'struct kvmxsave', i.e. to KVM's historical uABI size. When saving FPU state for usersapce, KVM well, now th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling the XSAVE header during FPU state saving, which could lead to out-of-bounds writes and...

x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD

...

DEBIAN-CVE-2024-43865

In the Linux kernel, the following vulnerability has been resolved: s390/fpu: Re-add exception handling in loadfpustate With the recent rewrite of the fpu code exception handling for the lfpc instruction within loadfpustate was erroneously removed. Add it again to prevent that loading invalid...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from incorrectly removing exception handling for the lfpc instruction in the loadfpustate function...

SUSE CVE-2021-47226

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer Both Intel and AMD consider it to be architecturally valid for XRSTOR to fail with PF but nonetheless change the register state. The actual conditions under...