Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: hwrng: core – Fix page fault deadlock on mmap-ed hwrng There is a dead-lock in the hwrng device read path. This occurs when the user reads from /dev/hwrng into memory, and at the same time, /dev/hwrng is also mapped into memory...

SUSE CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

SUSE CVE-2026-46075

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new -read calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while...

CVE-2026-45949

A flaw was found in the Linux kernel's hardware random number generator hwrng core. A race condition exists where concurrent or rapid calls to the hwrngunregister function can lead to a use-after-free vulnerability. This issue allows the system to attempt to access freed memory, potentially causi...

CVE-2026-46075

A flaw was found in the Linux kernel, specifically within the atmel-sha204a cryptographic hardware random number generator hwrng driver. During the device removal process, a race condition can occur where a queued callback might execute while the device is being torn down. This can lead to a...

EUVD-2026-32233

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

CVE-2026-46075

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new -read calls and flush the Atmel I2C workqueue before teardown to prevent a potential UAF if a queued callback runs while...

CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

UBUNTU-CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

CVE-2026-46075

CVE-2026-46075 concerns the Linux kernel crypto driver crypto: atmel-sha204a. The available details describe a fix for potential use-after-free (UAF) and a memory leak in the remove path. The remediation includes:Unregistering the hwrng to stop new read() calls and flushing the Atmel I2C workqueu...

CVE-2026-45949 hwrng: core - use RCU and work_struct to fix race condition

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the cleanup of the hwrngfill function and the thread termination in the...

Linux Distros Unpatched Vulnerability : CVE-2026-45949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads...

PT-2026-43942

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A Use-After-Free UAF and memory leak issue exists in the atmel-sha204a crypto component. The problem occurs during the device removal process if the Atmel I2C workqueue is not flushed befor...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the tpm function, the TPM chip must be locked first in tpmpmsuspend. Setting TPMCHIPFLAGSUSPENDED at the end of tpmpmsuspend can be done more efficiently. This approach leaves a window during which tpmhwrngread may be called...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013549)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013549 advisory. In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comme...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011034)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011034 advisory. In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comme...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013277)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013277 advisory. In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comme...

CVE-2022-50868

In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...

SUSE CVE-2022-50868

In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...