SUSE CVE-2026-46035

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: return NULL early from allocfrozenpagesnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, allocfrozenpagesnolock calle...

CVE-2026-46035

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: return NULL early from allocfrozenpagesnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, allocfrozenpagesnolock calle...

UBUNTU-CVE-2026-46035

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: return NULL early from allocfrozenpagesnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, allocfrozenpagesnolock calle...

EUVD-2026-32416

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: return NULL early from allocfrozenpagesnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, allocfrozenpagesnolock calle...

CVE-2026-46035

Summary (CVE-2026-46035): Linux kernel UP (non-SMP) builds are fixed so that alloc_frozen_pages_nolock() invoked from an NMI returns NULL early, preventing re-entry of rmqueue() and corruption of freelists due to spin_trylock() becoming a no-op. The issue occurs when CONFIG_DEBUG_SPINLOCK is enab...

CVE-2026-46035 mm/page_alloc: return NULL early from alloc_frozen_pages_nolock() in NMI on UP

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: return NULL early from allocfrozenpagesnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, allocfrozenpagesnolock calle...

PT-2026-43902

In the Linux kernel, the following vulnerability has been resolved: mm/page alloc: return NULL early from alloc frozen pages nolock in NMI on UP On UP kernels !CONFIG SMP, spin trylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, alloc frozen pages...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: Avoid zeroing the freepointer when dealing with single-free objects. The commit 284f17ac13fe “mm/slub: Handle bulk and single object freeing separately” divides the handling of single and bulk object freeing into two...

SUSE CVE-2026-43121

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...

CVE-2026-43121

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix userref race between scrub and refill paths The iozcrxputniovuref function uses a non-atomic check-then-decrement pattern atomicread followed by separate atomicdec to manipulate userrefs. This is serialized...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: fixed a null pointer dereference in dtInsertEntry Reported by syzbot General protection fault, likely for a non-canonical address 0xdffffc0000000001: 0000 1 PREEMPT SMP KASAN PTI KASAN: nullptrderef in range...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: mm/slub: The issue of the freelist pointer vs. redzone allocation has been fixed. It turns out that SLUB’s redzone allocation checks based on s-objectsize, rather than s-inuse which is usually adjusted to make room for the...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007048)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007048 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details ...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006751 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in objecterr objecterr reports details ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001196)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001196 advisory. The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002904)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002904 advisory. The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003383)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003383 advisory. The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service duplicate freelist...

CVE-2025-58411 GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentia...

CVE-2025-58411 GPU DDK - Reservation::psMappedPMR can change while used by a freelist -> UAF

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of resources reference counting creating a potential use after free scenario. Improper resource management and reference counting on an internal resource caused scenario where potentia...

CVE-2025-58409 GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...