Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “hungtask”: fixed warnings caused by unaligned lock pointers. The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned so that their lower bits can be used for type encoding. However, as reported by...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iouring: Now waits for request completions upon exit. When the ring exits, cleanup is performed, and the final cancelations and waits for completions are handled by ioringexitwork. This function is invoked by kworker, which does...

SUSE CVE-2026-43314

In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 "blk-mq: move failure injection out of blkmqcompleterequest", drivers are responsible for calling blkshouldfaketimeout at appropriate code paths and...

CVE-2026-43314

CVE-2026-43314 affects the Linux kernel device mapper (dm) driver. The issue arises when an I/O timeout failure is injected into a dm device; because dm does not implement its own timeout handler, the request can leak and hang indefinitely. The root cause is the presence of blk_should_fake_timeou...

CVE-2026-43314

In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 "blk-mq: move failure injection out of blkmqcompleterequest", drivers are responsible for calling blkshouldfaketimeout at appropriate code paths and...

PT-2026-38956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the dm driver, the failure to implement its own timeout handler while relying on slave devices leads to an issue where requests are leaked and never completed if an io-timeout-fail...

kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration

A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP, ensuring that tasks do not get stuck, as highlighted by the call trace 1. During recovery, before transitioning th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcuscalewriter’s scheduletimeoutuninterruptible function to idle. The rcuscale.holdoff module parameter can be used to delay the start of rcuscalewriter’s kthread. However, the hung-task timeout will trigger when t...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: All requests are flushed after setting CACHEFILESDEAD. In ondemand mode, when the daemon is processing an open request, if the kernel marks the cache as CACHEFILESDEAD, the cachefilesdaemonwrite function will always...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7921s – Fixed the issue where potentially hung tasks might occur during chip recovery. During chip recovery e.g., chip reset, there is a possibility that the kernel worker resetwork holds a lock and waits for the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Media: imon: Make sendpacket more robust syzbot reports that imon has three problems that result in hung tasks due to continuously holding the device lock 1. The first problem is that when usbrxcallbackintf0 receives an -EPROT...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix for a variable not being completed when the function returns When cmdallocindex fails, cmdworkhandler needs to complete ent-slotted before returning early. Otherwise, the task that issued the command may hang...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Ensure that pages are unlocked in case of a failure in cowfilerange. There is a hangtask report for zoned btrfs as follows: https://github.com/naota/linux/issues/59 726.328648 INFO: Task rocksdb:high0:11085 blocked for...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a task that was stuck in ext4xattrdeleteinode. Syzbot reported a problem with stuck tasks: ================================================================== INFO: Task syz-executor232:5073 is blocked for more than...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011185 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring: wait interruptibly for request completions on exit WHen the ring exits, cleanup is done...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011095)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011095 advisory. In the Linux kernel, the following vulnerability has been resolved: igb: Fix igbdown hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013061)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013061 advisory. In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which...

CVE-2026-29643

XiangShan Open-source high-performance RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 2024-11-28 contains an improper exceptional-condition handling flaw in its CSR subsystem NewCSR. On affected versions, certain sequences of CSR operations targeting non-existent/custom CSR...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007389 advisory. In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BCFREEBUFFER processing, the BINDERTYPEFDA object...