Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: jfs: fixed an array-index-out-of-bounds issue in diNewExt Syz report UBSAN: array-index-out-of-bounds in fs/jfs/jfsimap.c:2360:2 The index -878706688 is out of range for the type ‘struct iagctl128’ CPU: 1 PID: 5065 Comm:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ice: Fixed a null pointer dereference in icecopyandinitpkg. Added a check on the return value of devmkmemdup to prevent potential null pointer dereferences...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the inode leak in btrfsiget. BUG There is a bug report that a syzbot reproducer can cause the following issue: A busy inode occurs at the time of unmount: - BTRFS info device loop1: Last unmount of the filesystem...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: - ice: Fixed the KASAN error in the LAG NETDEVUNREGISTER handler. Currently, the same handler is called for both the NETDEVBONDINGINFO LAG unlink notification and the NETDEVUNREGISTER call. This causes problems, as the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Validates the index root when initializing NTFS security. This improves the sanity check for $SDH and $SII during the initialization of NTFS security, ensuring that these index roots are legitimate. 162.459513 BUG:...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: The IOWQBITEXIT check is performed within the work run loop. Currently, this check is performed before executing the pending tasks. Normally, this works fine, as the tasks either block temporarily and then a new...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Refreshing the inline data size before write operations The cached ei-iInlineSize can become stale between the initial size check and when ext4updateInlineData/ext4createInlineData use it. Although ext4getmaxInlineSize read...

SUSE-RU-2026:21753-1 Recommended update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix one issue The following non security issue was fixed: - CVE-2026-46333: Fixed logic bug in the Linux kernel's ptracemayaccess function bsc1265308...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag: Universal Linux LPE Abstract This document e...

SUSE CVE-2026-43299

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT when the fs flips RO inside btrfsrepairiofailure BUG There is a bug report that when btrfs hits ENOSPC error in a critical path, btrfs flips RO this part is expected, although the ENOSPC bug still needs to be...

SUSE CVE-2026-43169

In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUGON by validating rounded allocation When DRMBUDDYCONTIGUOUSALLOCATION is set, the requested size is rounded up to the next power-of-two via rounduppowoftwo. Similarly, for non-contiguous allocations with lar...

CVE-2026-43456 bonding: fix type confusion in bond_setup_by_slave()

In the Linux kernel, the following vulnerability has been resolved: bonding: fix type confusion in bondsetupbyslave kernel BUG at net/core/skbuff.c:2306! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:pskbexpandhead+0xa08/0xfe0 net/core/skbuff.c:2306 RSP: 0018:ffffc90004aff760 EFLAGS:...

CVE-2026-43427

The CVE covers a Linux kernel issue in the usb: class: cdc-wdm read path. Due to compiler optimization or CPU out-of-order execution, desc->length could be updated after a memmove, causing wdm_read() to observe a new length and copy_to_user() from uninitialized memory, violating LKMM data race...

CVE-2026-43299

Consolidated details show CVE-2026-43299 affects the Linux kernel btrfs filesystem. When ENOSPC can cause the filesystem to flip to read‑only in a critical path, a pending read repair may trigger an assertion failure inside btrfs_repair_io_failure(), leading to a kernel crash. The issue is docume...

Linux Distros Unpatched Vulnerability : CVE-2026-43456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bonding: fix type confusion in bondsetupbyslave kernel BUG at net/core/skbuff.c:2306! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP:...

CVE-2026-43213 wifi: rtw89: pci: validate sequence number of TX release report

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release report, which will access out-of-bounds of wdring-pages array, causing NULL pointer dereference. BUG:...

CVE-2026-43094

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: add missing negotiatefeatures op to Hyper-V ops table Commit a7075f501bd3 "ixgbevf: fix mailbox API compatibility by negotiating supported features" added the .negotiatefeatures callback to ixgbemacoperations and populat...

SUSE CVE-2026-43012

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...

EUVD-2026-27363

In the Linux kernel, the following vulnerability has been resolved: ext4: always drain queued discard work in ext4mbrelease While reviewing recent ext4 patch1, Sashiko raised the following concern2: If the filesystem is initially mounted with the discard option, deleting files will populate...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Protection against accessing NULL pt regs in bpfgettaskstack The taskptregs function can return NULL on the powerpc architecture for kernel threads. This NULL value is then used in bpfgetstack to check for the user mode...