Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: iouring: Fixed a null-ptr-deref in iotctxexitcb. Syzkaller reports a NULL deref bug as follows: BUG: KASAN: null-ptr-deref in iotctxexitcb+0x53/0xd3 Read of size 4 at address 0000000000000138 by task file1/1955 CPU: 1 PID: 195...

Important: kernel-livepatch-6.12.80-106.156

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.12.80-106.156 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

CVE-2026-43174

A flaw was found in the Linux kernel's iouring/zcrx subsystem. Incorrect error handling during post-open operations allows for the direct release of zcrx ctx without ensuring that all associated page pools are properly terminated. This resource management issue could lead to system instability or...

CVE-2026-43121

CVE-2026-43121 involves the Linux kernel io_uring/zcrx race between scrub and refill paths. The non-atomic read-then-decrement of the user_refs can race with io_zcrx_scrub() using atomic_xchg, causing a double-free of a niov and an out-of-bounds write past the freelist array. The fix replaces the...

CVE-2026-23275

A flaw was found in the Linux kernel's iouring subsystem. This vulnerability occurs during the resizing of an iouring ring when task work is added with specific flags DEFERTASKRUN or SETUPTASKRUN. A race condition allows the IORINGSQTASKRUN flag to be set in an unstable memory region, which can...

RHEL 9 : kernel (RHSA-2026:2212)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2212 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: openvswitch: fix nested k...

ALSA-2026:1690 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability CVE-2025-37819 kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ibregisterdevice" problem CVE-2025-38022 kernel: Linux...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001376)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001376 advisory. In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004496 advisory. An issue was discovered in domadvise in mm/madvise.c in the Linux kernel before 5.6.8. There is a race condition between coredump operations and the IORINGOPMADVISE...

CVE-2025-68805

In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a request is terminated before it has been committed, the request is not removed from the queue's list. This leaves a dangling list entry that leads to...

SUSE-SU-2026:20012-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

SUSE-SU-2026:20015-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

CVE-2025-39963

In the Linux kernel, the following vulnerability has been resolved: iouring: fix incorrect iokiocb reference in iolinkskb In iolinkskb function, there is a bug where prevnotif is incorrectly assigned using 'nd' instead of 'prevnd'. This causes the context validation check to compare the current...

EUVD-2025-31872

EUVD-2025-31872...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ioringexitwork function waiting for a request to complete without using an interruptible state, which...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer dereference in l3mdevl3rcv CVE-2025-22103 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying CVE-2025-22113...

CVE-2022-50234

CVE-2022-50234 concerns the Linux kernel’s io_uring/af_unix subsystem. The vulnerability arises from deferring the garbage-collection of registered files to the io_uring release path rather than performing it via unix_gc(), coupled with using these registered files for cycle-detection without act...

PT-2025-37597

In the Linux kernel, the following vulnerability has been resolved: io uring/msg ring: Fix NULL pointer dereference in io msg send fd Syzkaller produced the below call trace: BUG: KASAN: null-ptr-deref in io msg ring+0x3cb/0x9f0 Write of size 8 at addr 0000000000000070 by task repro/16399 CPU: 0...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: The handling of recovery and reissue operations in ublkabortqueue has been fixed. The commit 8284066946e6 “ublk: grabbing the request reference when the request is handled by userspace” does not grab the request reference i...

SUSE-SU-2025:20206-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-27415: netfilter: brnetfilter: skip conntrack input hook for promisc packets bsc1224757. - CVE-2024-50038: netfilter: xtables: fix typo causin...