CVE-2026-46020 mm/damon/core: validate damos_quota_goal->nid for node_mem_{used,free}_bp

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mm/damon/ops-common: Add a target node validity check in damonmigratepages. This validation is taken from dopagesmove, which is used in the movepages system call. The bug occurs when damonmigratepages attempts to migrate pages ev...

CVE-2025-39700

In the Linux kernel, the following vulnerability has been resolved: mm/damon/ops-common: ignore migration request to invalid nodes damonmigratepages tries migration even if the target node is invalid. If users mistakenly make such invalid requests via DAMOSMIGRATEHOT,COLD action, the below kernel...

UBUNTU-CVE-2025-39700

In the Linux kernel, the following vulnerability has been resolved: mm/damon/ops-common: ignore migration request to invalid nodes damonmigratepages tries migration even if the target node is invalid. If users mistakenly make such invalid requests via DAMOSMIGRATEHOT,COLD action, the below kernel...

hivex: Buffer overflow when provided invalid node key length

A flaw was found in the hivex library. It is caused due to a lack of bounds check within the hivexopen function. An attacker could input a specially crafted Windows Registry hive file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat...