227 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46116
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load ...
EUVD-2026-32875
In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: BPF: sockmap: Fixed a use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported a use-after-free of the UNIX socket’s sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer’s -skdataready is call...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller, we encounter an out-of-bound error. The specific issue is “KASAN: slab-out-of-bounds Read in regcacheflatread”. The backtrace of the issue is as...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/perf: added a sentinel to xehpoabcounters Arrays passed to reginrangetable should end with an empty record. The patch fixes a bug detected by KASAN with the following signature: BUG: KASAN: global-out-of-bounds in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy. Otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Split the initial and dynamic conditions for extentcache. Let’s allocate the extentcache tree without dynamic conditions to avoid a panic caused by a missing condition, as shown below. Create a file with a compressed fla...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by dosubmiturb There are UAF bugs caused by dosubmiturb. One of the KASan reports is shown below: 36.403605 BUG: KASAN: use-after-free in workerthread+0x4a2/0x890 36.406105 Read o...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: um: Fixed an out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the number of longs, not bytes. ================================================================== Bugs: KASAN: Out-of-bounds acce...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: updating the channel list in the notifier instead of the reg worker Currently, when ath11k receives a new channel list, it processes it according to the following steps: 1. Update the new channel list to cfg80211 an...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: netfilter: xtables: fixed the LED ID check in ledtgcheck Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Size 1 was read at address ffff8881022da0c8 by task repro/587...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: scsidebug: Fixed the type of mint to avoid stack out-of-bounds situations. Changed mint to use the type “u32” instead of “int” to prevent stack out-of-bounds conditions. When mint uses the “int” type, values are...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ext4: Fixed a use-after-free issue in ext4findextent when using bigalloc with inline data. Syzbot identified the following issue: loop0: A change in capacity was detected, from 0 to 2048. EXT4-fs loop0: The filesystem...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: wilc1000: using vmmtable as an array in the wilc struct. Enabling KASAN and running some iperf tests causes some memory issues related to vmmtable. Bug: KASAN: A slab-out-of-bounds issue exists in...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerabilities have been resolved: ASoC: meson: axg-card: fixed “use-after-free” issue The buffer “card-dailink” is reallocated in “mesoncardreallocatelinks”. Therefore, the initialization of the “pad” pointer should be moved after this function, when the memor...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: Fixed the sanity check on ixattrnid in sanitycheck inode. syzbot reports a kernel bug as follows: F2FS-fs loop0: Mounted with checkpoint version = 48b305e4 ========================================== BUG: KASAN:...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: nfc: pn533: Wait for outurb’s completion in pn533usbsendframe A use-after-free issue occurred in hcd when the inurb sent from pn533usbsendframe was completed earlier than outurb. The callback in pn533sendComplete frees the skb...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: cxl/mbox: The cxlpayloadfromuserallowed function now validates the size of the payload before accessing its contents. The cxlpayloadfromuserallowed function casts and dereferences the input payload without first verifying its...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fixed the KASAN global-out-of-bounds warning When running the “perf mem record” command on CWF, the following KASAN global-out-of-bounds warning is observed...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ARM: 9381/1: kasan: cleared stale stack poison We have identified the following OOB crash: 33.452494 ================================================================== 33.453513 BUG: KASAN: stack-out-of-bounds in...