21 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: hv: vmbus: Disabled the option to deactivate sysctlrecordpanicmsg by default in isolated guests. The hvpanicpage may contain information sensitive to guests; do not dump this information to Hyper-V by default in...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mptcp: Use the appropriate destructor for IPv6. Previously, only the destructor from the TCP request sock in IPv4 was called, even if the subflow was IPv6. It is important to use the correct destructor to avoid memory leaks with...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed a possible NULL pointer dereferencing in sndusbpcmhasfixedrate. The argument of the subs function may be NULL; therefore, do not use it before a NULL check...
Astra Linux - уязвимость в linux-5.15
A out-of-bounds memory read flaw was discovered in the parseleasestate function within the KSMBD implementation of the in-kernel Samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command along with a malformed payload to KSMBD, due to a lack of checks on the NameOffset...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in KVM AMD Secure Encrypted Virtualization SEV within the Linux kernel. A KVM guest that uses SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the VMGEXIT handler recursively. If an attacker manages to call the handler...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in ‘ext4dareleasespace’ The Syzkaller report describes the issue as follows: EXT4-fs loop0: Details of free/dirty blocks EXT4-fs loop0: freeblocks=0 EXT4-fs loop0: dirtyblocks=0 EXT4-fs loop0: Details of block...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btusb: Added a NULL check for “date-evtskb”. Fixed crashes due to NULL pointers. 6104.969662 BUG: NULL pointer dereferencing in the kernel; address: 00000000000000c8 6104.969667 PF: Supervisor read access in kernel...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ath11k: Disable spectral scan during spectral deinit When ath11k modules are removed using rmmod with spectral scan enabled, crashes occur. Different crash traces are observed for each crash. Send a WMI command to disable spectra...
Astra Linux - уязвимость в linux-5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue arises from the lack of proper locking when performing operations on an object. An attacker can...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix kernel crash during module removal The driver incorrectly frees client instance and subsequent i40e module removal leads to kernel crash. Reproducer: 1. do ethtool offline test followed immediately by another one host...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed potential data corruption issues. We must ensure that the subrequests are reattached to the head before we can retransmit a request. If the head was not on the commit lists, because the server wrote it synchronously...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed a data race around user-unixinflight. user-unixinflight is updated under spinlockunixgclock, but toomanyunixfds accesses it without locking it. We need to annotate the write/read accesses to user-unixinflight. BU...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fixed possible descptr out-of-bounds accesses. Sanitized possible descptr out-of-bounds accesses in sesenclosuredataprocess...
Astra Linux - уязвимость в linux-5.15
rpmsgvirtioaddctrldev in drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel before 5.18.4 has a double free...
Astra Linux - уязвимость в linux-5.15
A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2pdu.c omits a kfree call in certain error conditions during the smb2handlenegotiate process, resulting in a memory leak...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: reset: uniphier-glue: Fix possible null-ptr-deref It will cause null-ptr-deref when resourcesizeres invoked, if platformgetresource returns NULL...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010701)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010701 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2TREECONNECT...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010708)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010708 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2writ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001420)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001420 advisory. In the Linux kernel through 5.15.2, mwifiexusbrecv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker who can connect a crafted USB device to cause a...
AZL-70510 CVE-2025-38449 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer object, if any. 1...