Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: vimc: Fixed an incorrect function call when vimcinit fails. In vimcinit, when platformdriverregister&vimcpdrv fails, the function platformdriverunregister&vimcpdrv is called incorrectly instead of...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after waitforsndbuf This patch fixes a corner case where the asoc out stream count may change after waitforsndbuf. When the main thread in the client starts a connection, if its out stream count is...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by missing clock pointer initialization. The clkgetrate call is performed on an uninitialized clk pointer, resulting in division by zer...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Added resctrlcpudetect to the bspinit helper. Since 923f3a2b48bd “x86/resctrl: Query LLC monitoring properties once during boot”, resctrlcpudetect has been moved from the common CPU initialization code to the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

Astra Linux - уязвимость в linux-firmware

Improper initialization of the IntelR PROSet/Wireless and IntelR KillerTM Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Handle SRCU initialization failure during page track init Check the return of initsrcustruct, which can fail due to OOM, when initializing the page track mechanism. Lack of checking leads to a NULL pointer deref found b...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Media: MediTech: vcodec: Fixed an oops when HEVC initialization fails The stateless HEVC decoder saves the instance pointer in the context, regardless of whether the initialization succeeded or not. This caused a use-after-fre...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Ensure that snduna is properly initialized upon connection. This issue is strictly related to the commit fb7a0d334894 „mptcp: Ensure that sndnxt is properly initialized upon connection“. It turns out that syzkaller can...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix for hang during reboot/shutdown The recent commit 974578017fc1 “iavf: Add waiting so that the port is initialized in remove” adds a wait-loop at the beginning of iavfremove, to ensure that port initialization is complet...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: hfs: fixed the issue where fields of hfs inodeinfo were initialized after hfsallocinode Syzbot reports an issue with accessing uninitialized values as follows: loop0: detected a change in capacity from 0 to 64...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fastcommit When doing fastcommit replay an infinite loop may occur due to an uninitialized extentstatus struct. ext4extdetermineinserthole does not detect the replay and calls...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: jfs: Fixed the uninit-value access to newea in eabuffer syzbot reports that lzo1x1docompress uses uninit-value: ===================================================== BUG: KMSAN: uninit-value in lzo1x1docompress+0x19f9/0x2510...

Malicious code in gauth-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 aea1fab5eb3b9422c65232e53e79eb71ba3436355601cd61e7a7b0177779df4e Package impersonates Google and attempts to exfiltrate various credential files. It also setups PTH file for automated start during Python initialization. In t...

usb: gadget: f_hid: move list and spinlock inits from bind to alloc

...

Linux Distros Unpatched Vulnerability : CVE-2026-31749

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: niatmio16d: Fix invalid clean-up after failed attach If the driver's COMEDI attach handler function atmio16dattach returns an error, the COMEDI core wil...

Linux Distros Unpatched Vulnerability : CVE-2026-43035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: sched: clsapi: fix tcchainfillnode to initialize tcminfo to zero to prevent an info-leak When building netlink messages, tcchainfillnode never initializes...

Linux Distros Unpatched Vulnerability : CVE-2026-31714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm syz.0.23...

CVE-2026-31754

A flaw was found in the Linux kernel's USB subsystem, specifically within the cdns3 gadget driver. A local user could exploit this vulnerability by attempting to switch the USB role to host mode after a gadget initialization failure. This state inconsistency can lead to a system crash, resulting ...