Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2isstreaming with vb2startstreamingcalled. The vsp1 driver uses the vb2isstreaming function in its .bufqueue handler to check whether the .startstreaming operation has been called. It then decides whether t...

SUSE CVE-2026-43412

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. On ADSP stop, the q6apm-audio .remove callback unloads...

SUSE CVE-2026-43471

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer dereference when accessing hwq-id. This can happen if...

EUVD-2026-28714

In the Linux kernel, the following vulnerability has been resolved: ceph: add a bunch of missing cephpathinfo initializers cephmdscbuildpath must be called with a zero-initialized cephpathinfo parameter, or else the following cephmdscfreepathinfo may crash. Example crash on Linux 6.18.12:...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - Do not allow gsosize to be set to GSOBYFRAGS. - A missing check in virtionethdrtoskb allowed syzbot to crash kernels again. Do not allow gsosize to be set to GSOBYFRAGS 0xffff, because this magic value is used by the kernel...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttproxy: restriction to prerouting hooks TPROXY is only allowed to operate during prerouting, but nfttproxy does not enforce this restriction. This fix resolves a crash null dereference that occurs when using TPROXY...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a crash that occurred due to out-of-bounds access to reg2btfids. When the commit e6ac2450d6de “bpf: Support bpf programs that call kernel functions” added support for kfunc, it defined reg2btfids as a convenient way to...

CVE-2026-31765

Summary: CVE-2026-31765 affects the Linux kernel AMDGPU driver. A mismatch between the reserved trap area (AMDGPU_VA_RESERVED_TRAP_SIZE) and the allocated KFD GPU memory on systems with 64KB pages can cause a kernel crash, including a NULL pointer dereference, when running certain GPU tests (e.g....

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006662 advisory. In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in ibmvnicopen If ibmvnicopen encounters an error such as when settin...

SUSE CVE-2026-23300

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop When a standalone IPv6 nexthop object is created with a loopback device e.g., "ip -6 nexthop add id 100 dev lo", fib6nhinit misclassifies it as a reject route...

SUSE CVE-2026-22986

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...

MiracleLinux 8 : kernel-4.18.0-553.32.1.el8_10 (AXSA:2025-9521:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9521:01 advisory. kernel: selinux,smack: don't bypass permissions check in inodesetsecctx hook CVE-2024-46695 kernel: net: avoid potential underflow in qdiscpktlenini...

CVE-2023-54199 drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Fix null ptr access in adrenogpucleanup Fix the below kernel panic due to null pointer access: 18.504431 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048 18.513464 Mem abort inf...

CVE-2023-54196 fs/ntfs3: Fix NULL pointer dereference in 'ni_write_inode'

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix NULL pointer dereference in 'niwriteinode' Syzbot found the following issue: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000016 Mem abort info: ESR = 0x0000000096000006 EC = 0x25:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50364: i2c: mux: reg: check return value after calling platformgetresource bsc1250083. CVE-2022-50368: drm/msm/dsi: fix memory corruption with too many bridge...

CVE-2025-40357

CVE-2025-40357 affects the Linux kernel net/smc subsystem, fixing a general protection fault in __smc_diag_dump reported by syzbot. The description states the fault occurs during diag dump processing and that the fix involves removing the INET_PROTOSW_ICSK flag due to an incorrect cast of smc_soc...

CVE-2025-40311

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: support mapping cb with vmalloc-backed coherent memory When IOMMU is enabled, dmaalloccoherent with GFPUSER may return addresses from the vmalloc range. If such an address is mapped without VMMIXEDMAP,...

EUVD-2025-124968

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix crash in transport port remove by using iocinfo During mpt3sastransportportremove, messages were logged with devprintk against &mpt3sasport-port-dev. At this point the SAS transport device may already be...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986929)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986929 advisory. In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix possible crash in bnxthwrmsetcoal During the error recovery sequence, the rtnllock is...

EUVD-2025-20822

Malicious code in bioql PyPI...