377 matches found
WORM vfs module does not block overwrites
Description The vfsworm module is intended to make files immutable over SMB a short time after they are created. The time window in which they are writable is configurable, defaulting to one hour. The hook that handles renames was checking that the file being renamed was still mutable, but it was...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Deferred sub-object cleanup in export put callbacks The svcexportput function calls pathput and authdomainput immediately when the last reference is dropped, before the RCU grace period. RCU readers in eshow and cshow...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a race condition between bpftimercancelandfree and bpftimercancel. This race condition could lead to a UAF Use-After-Free error involving the timer-timer variable. Here’s the detailed explanation: In bpftimer...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Fixed the issue of “use-after-free” in removenhgrpentry. When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer, and then immediately frees the removed entry’s percpu sta...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mctp: Route lookups now perform under a RCU read-side lock. Our current route lookups mctproutelookup and mctproutelookupnull traverse the network’s route list without holding the RCU read lock. This means that the route lookups...
OESA-2026-2311 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmwtranslateptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. Thi...
Cisco Unity Connection Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Unity Connection is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unity Connection due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after...
CVE-2026-43385
A flaw was found in the Linux kernel where a race condition in the rcutasks grace period handling within the napithreadedpollloop function can lead to a stall. This issue occurs when threaded busypoll is enabled and specific network operations are performed. A local user or a specific workload...
CVE-2026-43376
A flaw was found in ksmbd in the Linux kernel. The oplockinfo structure is immediately freed using kfree without an RCU Read-Copy-Update grace period, even though it can still be accessed by readers. This improper memory deallocation can lead to a use-after-free vulnerability, particularly in the...
EUVD-2026-28680
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
EUVD-2026-28682
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...
CVE-2026-43385
In the Linux kernel, the following vulnerability has been resolved: net: Fix rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enable threaded busypoll, bpftrace hangs when starting up. dmesg showed: rcutaskswaitgp: rcutasks grace period number 85 since...
UBUNTU-CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
CVE-2026-43376
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...
CVE-2026-43374
Summary: CVE-2026-43374 affects the Linux kernel networking code (net: nexthop). The vuln arises when removing a nexthop from a group: remove_nh_grp_entry() publishes the new group via rcu_assign_pointer() and then immediately frees the removed entry’s percpu stats with free_percpu(), while the s...
CVE-2026-43292
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...
Cisco Expressway Series Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Expressway Series is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Expressway Series due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after...
PT-2026-39035
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel within the remove nh grp entry function. The system publishes a new group using rcu assign pointer and immediately frees the removed...
Cisco Adaptive Security Appliance (ASA) Software Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)
According to its self-reported version, Cisco Adaptive Security Appliance ASA Software is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Adaptive Security Appliance ASA Software due to a signal handler race condition found in sshd, where a client does not...
SUSE CVE-2026-43091
In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...