Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fixed a potential memory leak in otx2inittc. In otx2inittc, if rhashtableinit fails, the variable tc-tcEntriesBitmap, which is allocated from otx2tcallocEntbitmap, is not freed...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau: Avoid a use-after-free when BO init fails nouveauboinit is backed by ttmboinit and passes its return value back to the caller. In case of failures, ttmboinit invokes the provided destructor, which should...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipc: mqueue: A possible memory leak has been fixed in initmqueuefs. The commit number is db7cfc380900 „ipc: Free mqsysctls if ipc namespace creation failed“. This is a similar memory leak to the one fixed by the above patch. The...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net/sctp: The issue of integer overflow during autoclose operations in sctpassociationinit has been addressed. By default, maxautoclose equals INTMAX / HZ. However, it is possible to set net.sctp.maxautoclose to UINTMAX. There is...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/fence: Fixed an oops due to incorrect initialization of drmsched before its fini. Currently, amdgpu calls drmschedfini from the fence driver’s fini routine. Such a call is expected to occur only after the respective in...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fixed a resource leak in the probe. I have rewritten the error handling code, but the issue remains that if initimstt fails, we need to call iounmappar-cmap regs...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the bpf function, the task with pid=1 can be skipped in the sendsignalcommon function. The following kernel panic can occur when a task with pid=1 attempts to send a killing signal to itself. For more details, see 1. Kernel...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: scsi: qla2xxx: Fix for possible memory corruption. The Init Control Block is being referenced incorrectly. It should be referenced correctly...

SUSE CVE-2026-31713

In the Linux kernel, the following vulnerability has been resolved: fuse: abort on fatal signal during sync init When sync init is used and the server exits for some reason error, crash while processing FUSEINIT, the filesystem creation will hang. The reason is that while all other threads will...

Linux Distros Unpatched Vulnerability : CVE-2026-31721

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hid...

Linux Distros Unpatched Vulnerability : CVE-2026-31713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fuse: abort on fatal signal during sync init When sync init is used and the server exits for some reason error, crash while processing FUSEINIT, the filesystem...

CVE-2026-31713

A flaw was found in the Linux kernel's Filesystem in Userspace FUSE component. When using synchronous initialization sync init, if the FUSE server exits unexpectedly while processing the FUSEINIT request, the filesystem creation process can hang. This issue occurs because the mounting thread keep...

CVE-2026-31778

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in initcard The loop creates a whitespace-stripped copy of the card shortname where len id is used for the bounds check. Since sizeofcard-id is 16 and the local id buffer is also 16 bytes...

CVE-2026-31754

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: fix state inconsistency on gadget init failure When cdns3gadgetstart fails, the DRD hardware is left in gadget mode while software state remains INACTIVE, creating hardware/software state inconsistency. When...

CVE-2026-31730

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: possible double-free of cctx-remoteheap fastrpcinitcreatestaticprocess may free cctx-remoteheap on the errmap path but does not clear the pointer. Later, fastrpcrpmsgremove frees cctx-remoteheap again if it is...

CVE-2026-31713

In the Linux kernel, the following vulnerability has been resolved: fuse: abort on fatal signal during sync init When sync init is used and the server exits for some reason error, crash while processing FUSEINIT, the filesystem creation will hang. The reason is that while all other threads will...

CVE-2026-43049 HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure Presently, if the force feedback initialisation fails when probing the Logitech G920 Driving Force Racing Wheel for Xbox One, an error number wi...

CVE-2026-31778 ALSA: caiaq: fix stack out-of-bounds read in init_card

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in initcard The loop creates a whitespace-stripped copy of the card shortname where len id is used for the bounds check. Since sizeofcard-id is 16 and the local id buffer is also 16 bytes...

EUVD-2026-26591

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in initcard The loop creates a whitespace-stripped copy of the card shortname where len id is used for the bounds check. Since sizeofcard-id is 16 and the local id buffer is also 16 bytes...

CVE-2026-31778

Summary: CVE-2026-31778 affects the Linux kernel ALSA caiaq driver (init_card) and is caused by an off-by-one in a whitespace-stripping loop that copies a card id. The 16-byte local buffer can be filled without leaving space for the terminating null, causing a non-null-terminated string to be pas...