Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Avoid invalid reads in irdmanetevent. The irdmanetevent function should not dereference anything from “neigh” alias “ptr” until it has checked that the event is of type NETEVENTNEIGHUPDATE. Other events are pointed to...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: dm raid: fixed the KASAN warning in raid5adddisks. There is a KASAN warning in raid5adddisk when running the LVM testsuite. The warning occurs during the test lvconvert-raid-reshape-lineartoraid6-single-type.sh. We fixed this...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint – Fix for handling the configfs group list head The use of listdel on the epfgroup field of struct pciepfdriver in pciepfremovecfs is incorrect. This field is a list head, not a list entry. This listdel call trigger...

CVE-2026-46133

The CVE-2026-46133 issue affects Linux kernel’s Soft RoCE (RDMA/rxe) where an unauthenticated UDP packet with an unknown opcode could trigger an out-of-bounds read during ICRC/CRC processing due to missing validation of opcodes before length arithmetic. The advisory describes that entries in the ...

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2026-40369: Defensive Analysis of the 12-Byte Windows Kern...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: arm64/poly1305 – fixed a read out-of-bound issue. A KASAN error was reported during fuzzing: BUG: KASAN: slab-out-of-bounds in neonpoly1305blocks.constprop.0+0x1b4/0x250 poly1305neon Read of size 4 at addr...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use-after-free out of bounds. When we run syzkaller, we encounter an Out of Bounds error. The specific error message is: “KASAN: slab-out-of-bounds Read in regcacheflatread”. The issue can be traced as...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: usb: mtu3: fix listhead check warning This issue is caused by the uninitialization of listhead. Bug: KASAN: use-after-free in listdelentryvalid+0x34/0xe4. Call trace: dumpbacktrace+0x0/0x298 showstack+0x24/0x34...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: zloop: fixed the KASAN use-after-free of tagset When a zoned loop device, or zloop device, is removed, the KASAN-enabled kernel reports “BUG KASAN use-after-free” in the blkmqfreetagset function. This bug occurs because...

Exploit for CVE-2026-40369

CVE-2026-40369: Arbitrary Kernel Address Increment via NtQuery...

CVE-2026-43449

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix slab-out-of-bounds in nvmedbbufset dev-onlinequeues is a count incremented in nvmeinitqueue. Thus, valid indices are 0 through dev-onlinequeues − 1. This patch fixes the loop condition to ensure the index stays with...

CVE-2026-43197

CVE-2026-43197 concerns a Linux kernel netconsole vulnerability where messages from the console subsystem could be read out-of-bounds due to missing null-termination. The root cause is a netconsole write path that could access memory beyond the allocated buffer, observable as a slab-out-of-bounds...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate sufficient space for GMU registers In commit 142639a52a01 “drm/msm/a6xx: fix crashstate capture for A650”, we changed a6xxgetgmuregisters to read 3 sets of registers. Unfortunately, we did not change the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed kernel address leakage in atomic cmpxchg operations with R0 as an auxiliary register. The implementation of BPFCMPXCHG at a high level has the following parameters: .-old-val .-new-val BPFR0 = cmpxchg32,64DSTREG +...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed potential improper pointer dereferencing in bpfsysbpf. The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case, the argument union bpfattr pointer along...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - Ice: Fixed the KASAN error in the LAG NETDEVUNREGISTER handler. Currently, the same handler is called for both the NETDEVBONDINGINFO LAG unlink notification and the NETDEVUNREGISTER call. This causes a problem, as the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fixed a stack-out-of-bounds issue in strncpy “BUG: KASAN: Stack-out-of-bounds in strncpy+0x30/0x68” The Linux-ATF interface uses 16 bytes of SMC payload. If the clock name is longer than 15 bytes, the string...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/alternatives: Disabling KASAN during applyalternatives Fei has reported that KASAN is triggered during applyalternatives on a 5-level paging machine: BUG: KASAN: Out-of-bounds access in rcuiswatching Reading of a 4-byte value...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fixed invalid address access in lookuprec when the index is 0. KASAN reported the following issue: BUG: KASAN: use-after-free in lookuprec A read of size 8 at the address ffff000199270ff0 was performed by the task modprob...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fixed an MTE false alarm in dokrealloc. This patch addresses an issue introduced by commit 1a83a716ec233, which caused MTE Memory Tagging Extension to falsely report a slab-out-of-bounds error. The problem occurs wh...