2582 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53346
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce- unwind-tables=y flag only emits the uwtable annotation for...
CVE-2026-53346
A flaw was found in the Linux kernel. A bug in the Rust compiler's handling of unwind tables for ARM64 architecture can lead to incorrect debugging information for kernel AddressSanitizer KASAN constructors. When a specific security feature CONFIGUNWINDPATCHPACINTOSCS is enabled, this error cause...
CVE-2026-53343
A flaw was found in the Linux kernel. On ARMv5 systems configured with Kernel Address Sanitizer KASAN for virtual memory allocated VMAP stack shadow, a memory access operation could attempt to read data from an unaligned memory address. This unaligned access leads to an alignment exception, causi...
UBUNTU-CVE-2026-53343
In the Linux kernel, the following vulnerability has been resolved: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow Commit 44e9a3bb76e5 "ARM: 9430/1: entry: Do a dummy read from VMAP shadow" added a dummy read from the KASAN VMAP stack shadow in switchto. The read uses ldr, but the...
EUVD-2026-40980
In the Linux kernel, the following vulnerability has been resolved: rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce-unwind-tables=y flag only emits the uwtable annotation for functions, but not for the module. This means that compiler-generated...
CVE-2026-53346
In the Linux kernel, the following vulnerability has been resolved: rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce-unwind-tables=y flag only emits the uwtable annotation for functions, but not for the module. This means that compiler-generated...
CVE-2026-53343
The CVE-2026-53343 entry documents a Linux kernel ARM vulnerability patch: in configurations with KASAN_VMALLOC and VMAP_STACK, a dummy read from the KASAN VMAP shadow in __switch_to() used an unaligned word load (ldr) which can fault on ARMv5 and crash ARM926/VersatilePB; the fix switches to a b...
SUSE CVE-2026-53040
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with OCFS2INFOFLNONCOHERENT. BUG: KASAN: use-after-free in instrumentatomicread...
UBUNTU-CVE-2026-53255
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate advertising TLV before type checks tlvdataisvalid reads each advertising data field length from datai, then inspects datai + 1 for managed EIR types before checking that the current field still fits insi...
UBUNTU-CVE-2026-53253
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...
CVE-2026-53255
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate advertising TLV before type checks tlvdataisvalid reads each advertising data field length from datai, then inspects datai + 1 for managed EIR types before checking that the current field still fits insi...
Linux Distros Unpatched Vulnerability : CVE-2026-53040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with...
EUVD-2026-38841
In the Linux kernel, the following vulnerability has been resolved: futex: Drop CLONETHREAD requirement for private default hash alloc Currently needfutexhashallocatedefault depends on strict pthread semantics, abusing CLONETHREAD. This breaks the non-concurrency assumptions when doing the...
CVE-2026-52973
In the Linux kernel, the following vulnerability has been resolved: futex: Drop CLONETHREAD requirement for private default hash alloc Currently needfutexhashallocatedefault depends on strict pthread semantics, abusing CLONETHREAD. This breaks the non-concurrency assumptions when doing the...
CVE-2026-53038
The CVE-2026-53038 issue affects the Linux kernel’s ima_fs logic, where allocated TPM crypto_id can be HASH_ALGO__LAST for unsupported TPM algorithms, leading to reads of hash_algo_name[] out of bounds. The provided documents confirm that TPM algorithms like SHA3-256 (0x0027) may be unsupported, ...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets When the FarSync T-series card is being detached, the fstcardinfo is deallocated in fstremoveone. However, the fsttxtask or fstinttask may still be running ...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fixed a NULLptrderef issue in ishtpbusremoveallclients. During a warm reset process, the cl-device pointer may become NULL if the reset occurs while clients are still being enumerated. Accessing...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: macvlan: A grace period for resource control is observed in the error path of macvlancommonnewlink. Valis reported that a race condition still occurs after our previous patch. macvlancommonnewlink might have made the device...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Free routing table on probe failure If complete is set to true in dsatreesetup, it means that we are the last switch in the tree that is being probed successfully. We should then set up all switches along our probe path...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevented RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...