Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Wifi: ath11k: Fixed corruption of SKBs in the REO destination ring. While running traffic for a long time, a RX descriptor filled with the value “0” from the REO destination ring is occasionally received. This invalid descript...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fixed a double-free in sndac97controllerregister If ac97addadapter fails, putdevice is the correct way to release the device reference. kfree is not required. Add kfree if idralloc fails, and also in ac97adapterreleas...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerabilities have been resolved: memcg: Protection was added for concurrent access to memcgroupidr. Commit 73f576c04b94 “mm: memcontrol: fixed cgroup creation failures after many small operations” separated the memcg IDs from the CSS ID space to address cgrou...

Siemens SIMATIC S7-1500 Use After Free (CVE-2025-38212)

In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, 0 0: https://lore.ke rnel.org/all/[email protected]/ idrforeach is protected by rwsem, but th...

CVE-2026-23149

In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi and the internal implementation uses idralloc which uses int ranges, passing a new handle larger than INTM...

SUSE CVE-2025-71192

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in sndac97controllerregister If ac97addadapter fails, putdevice is the correct way to drop the device reference. kfree is not required. Add kfree if idralloc fails and in ac97adapterrelease to do the...

CVE-2026-22987

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...

CVE-2026-22987

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...

CVE-2026-22987 net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: avoid dereferencing ERRPTR in tcfidrinfodestroy syzbot reported a crash in tcactinhw during netns teardown where tcfidrinfodestroy passed an ERRPTR-EBUSY value as a tcaction pointer, leading to an invalid...

CVE-2026-22987

CVE-2026-22987 concerns the Linux kernel net/sched subsystem. The issue arises when tcf_idrinfo_destroy() can pass an ERR_PTR(-EBUSY) as a tc_action pointer during netns teardown, leading to a dereference of an error pointer in tc_act_in_hw(). The fix adds a guard to skip ERR_PTR entries while it...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38212)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38212 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using R...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003615 advisory. An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idralloc fails in genlregisterfamily in net/netlink/genetlink.c. Tenable...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001246)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001246 advisory. A double-free can happen in idrremoveall in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003960)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003960 advisory. An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idralloc fails in genlregisterfamily in net/netlink/genetlink.c. Tenable...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004091)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004091 advisory. A double-free can happen in idrremoveall in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or...

Linux Distros Unpatched Vulnerability : CVE-2023-54206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the...

CVE-2023-54206

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...

CVE-2023-54206

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...

CVE-2023-54206 net/sched: flower: fix filter idr initialization

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...

CVE-2023-54206 net/sched: flower: fix filter idr initialization

In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: fix filter idr initialization The cited commit moved idr initialization too early in flchange which allows concurrent users to access the filter that is still being initialized and is in inconsistent state,...