EUVD-2026-38873

In the Linux kernel, the following vulnerability has been resolved: afunix: Drop all SCM attributes for SOCKMAP. SOCKMAP can hide inflight fd from AFUNIX GC. When a socket in SOCKMAP receives skb with inflight fd, skpsockverdictdataready looks up the mapped socket and enqueue skb to its...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: afunix: Fixed the garbage collector’s race condition with connect The garbage collector does not consider the risk of an “embryo” being enqueued during garbage collection. If such an “embryo” has a peer that carries SCMRIGHTS, tw...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nbd: fixed the race condition between timeout and normal completion. If the request for a timeout is handled by nbdrequeuecmd, normal completion must be stopped to avoid completing this queued request. This can lead to other...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg – Zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests that were allocated using sockkmalloc remained uninitialized. This meant that callers had to explicitly set the fields...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed a kernel panic caused by a race condition involving smcsock. A crash occurs when smccdctxhandler attempts to access smcsock, but smcrelease has already freed it. 4570.695099 BUG: Unable to handle a page fault for...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: blk-iolatency: Fixed imbalances in the number of in-flight IO operations and issues with hanging during offline conditions. iolatency needs to track the number of in-flight IO operations per cgroup. Since this tracking can be...

Astra Linux - уязвимость в dpdk

A flaw was discovered in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as auxiliary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By continuously sending such messages, the malicious...

CVE-2026-43425

In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Block: Fix for a race condition between wbtenabledefault and IO submission. When wbtenabledefault is executed outside of the queue freezing mechanism in elevatorchange, it can cause the wbt inflight counter to become negative -1,...

Linux Distros Unpatched Vulnerability : CVE-2026-43054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight...

CVE-2026-43054 scsi: target: tcm_loop: Drain commands in target_reset handler

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...

CVE-2026-43054

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013338 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-race around unixtotinflight. unixtotinflight is changed under spinlockunixgclock...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011040)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011040 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007286)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007286 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect Garbage collector does not take into accoun...

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to a denial of service CVE-2024-11831

Summary Node is used by the IBM Datapower Operations Dashboard in their network implementation Vulnerability Details IBM X-Force ID: 351136 DESCRIPTION: Node.js npm inflight module is vulnerable to a denial of service, caused by the failure to properly delete keys from the reqs object after...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005765)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005765 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user-unixinflight. user-unixinflight is changed under...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005407)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005407 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user-unixinflight. user-unixinflight is changed under...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005646 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user-unixinflight. user-unixinflight is changed under...

SUSE SLES11 Security Update : kernel (SUSE-SU-2026:0688-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0688-1 advisory. The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-0920:...