Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: A devm-managed release action was added to safely tear down the CT. When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: iommu/arm-smmu-v3: Fixed the soft lockup triggered by armsmmumminvalidaterange. When running an SVA case, the following soft lockup is triggered: -------------------------------------------------------------------- watchdog:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: Call invalidatecache only if implemented Many filesystems such as NFS and Ceph do not implement the invalidatecache method. On those filesystems, if writing to the cache NETFSWRITETOCACHE fails for some reason, the kernel...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: Errata: Add a workaround for speculative unprivileged loads on Cortex-A520. Implement the workaround according to erratum 2966298 for ARM Cortex-A520. On an affected Cortex-A520 core, a speculative unprivileged load may le...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidaterangestart/end on mremapoldsize=0 If an mremap syscall with oldsize=0 ends up in movepagetables, it will call invalidaterangestart/invalidaterangeend unnecessarily, i.e. with an empty range...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The blockinvalidatefolio method was provided to fix a memory leak. The ntfs3 filesystem lacks the invalidatefolio method, which causes a memory leak. If you write to the filesystem and then unmount it, the cached writte...

Linux Distros Unpatched Vulnerability : CVE-2026-31589

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: call -freefolio directly in foliounmapinvalidate We can only call filemapfreefolio if we have a reference to or hold a lock on the mapping. Otherwise, we've...

EUVD-2026-25482

In the Linux kernel, the following vulnerability has been resolved: mm: call -freefolio directly in foliounmapinvalidate We can only call filemapfreefolio if we have a reference to or hold a lock on the mapping. Otherwise, we've already removed the folio from the mapping so it no longer pins the...

CVE-2026-31561

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Remove X86CR4FRED from the CR4 pinned bits mask Commit in Fixes added the FRED CR4 bit to the CR4 pinned bits mask so that whenever something else modifies CR4, that bit remains set. Which in itself is a perfectly fine...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the unconditional expiration of sessions when binding fails. This could allow remote attackers to...

EUVD-2025-209371

When user logged out, the JWT token the user had authtenticated with was not invalidated, which could lead to reuse of that token in case it was intercepted. In Airflow 3.2 we implemented the mechanism that implements token invalidation at logout. Users who are concerned about the logout scenario...

Weak Password Recovery Mechanism for Forgotten Password

Overview Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the ResetPassword function and the background token cleanup process. An attacker can gain persistent unauthorized access to user accounts by reusing intercepted password reset...

Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem

A vulnerability was found in the Linux kernel's blockinvalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service DOS problem...

PT-2026-2850

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element PE may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by t...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993184)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993184 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into...

PT-2025-53072

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the net/mlx5e component. The problem stems from an incorrect encap attribute being used during invalidation, specifically in the mlx5e invalidat...

CVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CT

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Add devm release action to safely tear down CT When a buffer object BO is allocated with the XEBOFLAGGGTTINVALIDATE flag, the driver initiates TLB invalidation requests via the CTB mechanism while releasing the BO...

DEBIAN-CVE-2022-50620

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc-f2fsissuediscard in error path Syzbot reports a NULL pointer dereference issue as below: refcountadd include/linux/refcount.h:193 inline refcountinc include/linux/refcount.h:250 inline refcountinc...

UBUNTU-CVE-2022-50620

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc-f2fsissuediscard in error path Syzbot reports a NULL pointer dereference issue as below: refcountadd include/linux/refcount.h:193 inline refcountinc include/linux/refcount.h:250 inline refcountinc...

CVE-2022-50620

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to invalidate dcc-f2fsissuediscard in error path Syzbot reports a NULL pointer dereference issue as below: refcountadd include/linux/refcount.h:193 inline refcountinc include/linux/refcount.h:250 inline refcountinc...