OPENSUSE-SU-2026:20912-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: iommu/amd: Use maximum Event log buffer size when SNP is enabled on Family 0x19 bsc1243603. - CVE-2026-3150: bcache: fix cacheddev.sbbio use-after-free and...

PT-2026-43771

Name of the Vulnerable Software and Affected Versions Linux kernel version 6.18.0-rc3 Description An issue in the Enhanced Error Handling EEH driver for powerpc leads to recursive locking. The function eeh handle normal event acquires the pci lock rescan remove lock before calling eeh pe bus get,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/armdmc620: Fixed a leak in the hotplug callback in dmc620pmuinit. The dmc620pmuinit function does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. Remove the callback by calling...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a potential deadlock in CPU hotplug with osnoise. The following sequence may lead to a deadlock in CPU hotplug: task1 task2 task3 ----- ----- ----- The code sequence is as follows: mutexlock&interfacelock CPU GOING...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac – Fixed a use-after-free bug in brcmfcfg80211detach. This is the candidate patch for CVE-2023-47233: https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In the brcm80211 driver, the process starts with the following...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: using cpuhpstateremoveinstancenocalls instead of cpuhpstateremoveinstance so that the notifications do not execute after the PMU device has been unregistered. When removing the ‘hisihns3’ PMU, we accidentally...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fixed the hotplug callback leak in armsmmupmuinit. armsmmupmuinit does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be removed by cpuhpremovemultistate in...

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: firmware: armsdei: Fix sleep from invalid context BUG Running a preempt-rt v6.2-rc3-rt1 based kernel on an Ampere Altra triggers: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic: 0,...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Do not offline the last non-isolated CPU. If a system has isolated CPUs via the “isolcpus=” command-line parameter, then attempting to offline the last housekeeping CPU will result in a WARNON message when rebuilding...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Do not issue ATS Invalidation requests when the device is disconnected. For those endpoint devices connected to the system via hot-plug-capable ports, users can request a hot reset of the device by setting the link...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: x86/fpu: Keep xfdstate synchronized with MSRIA32XFD. The commits 672365477ae8 "x86/fpu: Update XFD state where required" and 8bf26758ca96 "x86/fpu: Add XFD state to fpstate" introduced a per-CPU variable xfdstate to maintain t...

CLSA-2026-1779098063 cloud-init: Fix of CVE-2024-11584

CVE-2024-11584: fix systemd socket unit permission vulnerability to prevent unprivileged user from triggering hotplug-hook commands...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove the cpuhp instance node before removing the cpuhp state The functions cpuhpstateaddinstance and cpuhpstateremoveinstance should be used in pairs. Otherwise, a warning will be issued during the...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: hwmon: coretemp Simplified platform device handling Coretemp’s platform driver is unconventional. All the actual processing is performed globally by the initcall and CPU hotplug notifiers. The “driver” essentially just wraps t...

Astra Linux – Vulnerability in cloud-init

In cloud-init through 25.1.2, the systemd socket unit “cloud-init-hotplugd.socket” is included, with a default SocketMode of 0666, allowing world-write permissions. This socket is used for the /run/cloud-init/hook-hotplug-cmd FIFO. A non-privileged user can trigger the hotplug-hook commands...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: PCI: pciehp: Fixed an infinite loop in the IRQ handler upon a power fault. The Power Fault Detected bit in the Slot Status register differs from all other hot-plug events in that it is sticky: It can only be cleared after...

Astra Linux – Vulnerability in Linux

In the file drivers/pci/hotplug/rpadlpar/sysfs.c within the Linux kernel up to version 5.11.8, the RPA PCI Hotplug driver suffers a user-tolerable buffer overflow when writing a new device name to the driver from user space. This allows user space to write data directly to the kernel stack frame...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: s390 – Fixed a use-after-free of PCI resources when per-function hot-plugging occurs. On the s390 architecture, PCI functions may be hot-plugged individually, even when they belong to a multi-functional device. Specifically,...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Add addpages override for PPC With commit ffa0b64e3be5 "powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit" the kernel now validate the addr against highmemory value. This results in the below BUGON with da...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Ensure successful attachment when a device is removed unexpectedly. When a PCI device is removed using hotplug, there may still be attempts to attach the device to the default domain as part of cleanup via...