CVE-2026-45970 bonding: alb: fix UAF in rlb_arp_recv during bond up/down

In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlbarprecv during bond up/down The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still running,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: The issue of null-ptr-deref in reuseportaddsock has been fixed. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. The repro first creates a listener with SOREUSEPORT. Then, it create...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: tipc: Moving the bc link creation back to tipcnodecreate. Shuang Li reported a NULL pointer dereference crash: BUG: NULL pointer dereference in the kernel, address: 0000000000000068 RIP: 0010:tipclinkisup+0x5/0x10 tipc Call...

CVE-2026-43071

A flaw was found in the Linux kernel's dcache component. When the 'dhashentries' parameter is set to one, an out-of-bounds OOB read occurs in the dentryhashtable. This issue arises due to an incorrect calculation of the 'dhashshift' value, causing the system to attempt to access unallocated memor...

SUSE CVE-2026-43071

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentryhashtable when user sets 'dhashentries=1': BUG: unable to handle page fault for address: ffff888b30b774b0 PF: supervisor read access in kerne...

EUVD-2026-27375

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentryhashtable when user sets 'dhashentries=1': BUG: unable to handle page fault for address: ffff888b30b774b0 PF: supervisor read access in kerne...

CVE-2026-43071

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentryhashtable when user sets 'dhashentries=1': BUG: unable to handle page fault for address: ffff888b30b774b0 PF: supervisor read access in kerne...

CVE-2026-43071 dcache: Limit the minimal number of bucket to two

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentryhashtable when user sets 'dhashentries=1': BUG: unable to handle page fault for address: ffff888b30b774b0 PF: supervisor read access in kerne...

CVE-2026-43071

CVE-2026-43071 affects the Linux kernel dcache component, specifically an OOB read in dentry_hashtable when dhash_entries is set to 1. The root cause is incorrect d_hash_shift calculation, causing an access to unallocated memory and potential kernel panic/DoS. The issue is mitigated by patching t...

CVE-2026-43071

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentryhashtable when user sets 'dhashentries=1': BUG: unable to handle page fault for address: ffff888b30b774b0 PF: supervisor read access in kerne...

Linux Distros Unpatched Vulnerability : CVE-2026-43071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentryhashtable when user sets 'dhashentries=1': BUG: unable to handle page...

PT-2026-37074

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds OOB read issue exists in the dentry hashtable when the dhash entries variable is set to 1. In this configuration, dcache init calculates d hash shift as 32. During the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from the issue of excessive out-of-bounds read accesses when the number of dentryhashtable buckets is...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

It was discovered that the clsRoute filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it, if its handle had the value 0...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INTMAX Use INTMAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is...

Astra Linux - уязвимость в firefox

A hashtable in the Ion Engine could have been mutated while there was a live internal reference, resulting in a potential use-after-free and exploitable crash. This vulnerability affects Firefox versions less than 118...

CVE-2026-31503

In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udpsock to a local address and port, UDP uses two hashes udptable-hash and udptable-hash2 for collision detection. The current code switches to "hash2" when...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005177)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005177 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INTMAX Use INTMAX as maximum size for the...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001717 advisory. It was discovered that the clsroute filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had t...

Apple Safari JavaScriptCore HashTable Expansion Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...