Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic-v4: Do not allow a VMOVP operation on a VPE that is about to be unmapped. Kunkun Jiang reported that there is a small window of opportunity for user space to force a change in the affinity of a VPE while the VPE ha...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Error handling in gicpopulateppipartitions was fixed. The function ofgetchildbyname returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer needed. When kcalloc fails...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic-v3: A refcount leak was fixed in gicpopulateppipartitions. The function offindnodebyphandle returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for it. A...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden the getcpuforacpiid function to prevent errors when a missing CPU entry is used. During a review discussion of the changes to support vCPU hotplug, it was noted that a check was added to ensure the GICC Global...

CVE-2026-43351

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for arm64 architectures. When a virtual Generic Interrupt Controller GIC is created, a failure in the vgicallocateprivateirqslocked function can leave internal data structures uninitialized. This can lead to a system crash wh...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Prevent double free on error The error handling path in itsvpeirqdomainalloc causes a double free when itsvpeinit fails after successfully allocating at least one interrupt. This happens because...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Do not enable interrupts in itsirqsetvcpuaffinity. The following call-chain results in the enabling of interrupts in a nested interrupt-disabled section: irqsetvcpuaffinity irqgetdesclock rawspinlockirqsave --...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic/realview: A refcount leak was fixed in realviewgicofinit. The function offindmatchingnodeandmatch returns a node pointer with a refcount incremented. We should use ofnodeput on it when there is no longer a need for...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005542)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005542 advisory. In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small...

OESA-2026-1470 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A memory address truncation vulnerability exists in the irqchip/gic-v3-its driver of the Linux kernel. On 32-bit ARM machines with CONFIGARMLPAE enabled, when using larger VMSPLIT configurations, lowmem allocations may be backed ...

OESA-2026-1469 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A memory address truncation vulnerability exists in the irqchip/gic-v3-its driver of the Linux kernel. On 32-bit ARM machines with CONFIGARMLPAE enabled, when using larger VMSPLIT configurations, lowmem allocations may be backed ...

Oracle Linux 9 : kernel (ELSA-2026-2212)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2212 advisory. - iouring/net: commit partial buffers on retry Jeff Moyer RHEL-137329 CVE-2025-38730 - atm: clip: Fix infinite recursive call of clippush. Guillaume...

kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability

A flaw was found in the Linux kernel's irqchip/gic-v2m component. This vulnerability allows a use-after-free condition via gicv2mgetfwnode being wrongly marked as init, causing it to be freed while still registered with the PCI Peripheral Component Interconnect subsystem during a PCI host bridge...

CVE-2026-23085

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...

CVE-2026-23085 irqchip/gic-v3-its: Avoid truncating memory addresses

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...

CVE-2026-23085

CVE-2026-23085 affects the Linux kernel irqchip/gic-v3-its on 32-bit ARM with CONFIG_ARM_LPAE, where lowmem allocations could be backed by physical memory above 4 GB. The ITS driver stored a 32-bit address in an unsigned long, triggering truncation. The fix changes the itt_addr and related physic...

EUVD-2026-5457

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...

Linux Distros Unpatched Vulnerability : CVE-2026-23085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses...

kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability

A flaw was found in the Linux kernel's irqchip/gic-v2m component. This vulnerability allows a use-after-free condition via gicv2mgetfwnode being wrongly marked as init, causing it to be freed while still registered with the PCI Peripheral Component Interconnect subsystem during a PCI host bridge...

ROS-20260202-73-0031

A vulnerability in the irq-gic-v2m.c component of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...